Universitätsprofessor (W3) / Lehrstuhlinhaber
Full Professor / Head of Chair
Technische Universität Darmstadt, Fachbereich Informatik,
Wissenschaft und Technik für Frieden und Sicherheit (PEASEC)
Pankratiusstraße 2, 64289 Darmstadt, Raum 108
E-Mail: reuter(at)peasec.tu-darmstadt.de | Web: www.chreu.de
Telefon: +49 (0) 6151 / 1620941 | Sekretariat: +49 (0) 6151 / 162094-0/-8
Online-Profile: Google Scholar | dblp | ORCID
CV (en)
Prof. Dr. Dr. Christian Reuter is Full Professor and Dean of the Department of Computer Science at Technical University of Darmstadt. His chair of Science and Technology for Peace and Security (PEASEC) combines computer science with peace and security research. He holds a Ph.D. in Information Systems (University of Siegen) and another Ph.D. in Security Policy (Radboud University Nijmegen). On the intersection of (A) Cyber Security and Privacy, (B) Peace and Conflict Studies as well as (C) Human-Computer Interaction, he and his team specifically address (1) Peace Informatics and technical Peace Research, (2) Crisis Informatics and Information Warfare as well as (3) Usable Safety, Security and Privacy.
Christian Reuter studied Information Systems at the University of Siegen, Germany and the École Supérieure de Commerce de Dijon, France (Dipl.-Wirt.Inf.; M.Sc.) and worked as an IT consultant. He holds a Ph.D. in Information Systems from University of Siegen (Technology Design for Inter-Organizational Crisis Management) and a Ph.D. in Public Administration and Political Science, esp. Security Policy from Radboud University Nijmegen (Social Media for Public Safety and Security). After receiving offers from several universities, he was appointed as professor at Technical University of Darmstadt in 2017. He is a member of the Department of Computer Science, which he has headed as dean/vice-dean since 2021, and secondary member of the Department of History and Social Sciences.
His often interdisciplinary research is regularly awarded, has resulted in about 400 scientific publications and is mentioned in various media (e.g. ARD, FAZ, ZEIT). He and his team manage national and international research projects and he has successfully supervises PhD students. He engages at the university (e.g., as dean, as profile area coordinator, in faculty council, examination committee, numerous appointment and doctoral committees, ethics committee), in major projects (e.g. als board member of a DFG Collaborative Research Center or ATHENE research coordinator), in scientific societies (e.g. German Informatics Society, several boards) as well as general chair of scientific conferences (e.g. Mensch und Computer ‘22, Science Peace Security ’19 and ’23) and in editorial boards (e.g., Behaviour & Information Technology). As a web entrepreneur, he realizes web projects since 2002.
CV (de)
Prof. Dr. Dr. Christian Reuter ist Universitätsprofessor und Dekan am Fachbereich Informatik der Technischen Universität Darmstadt. Sein Lehrstuhl Wissenschaft und Technik für Frieden und Sicherheit (PEASEC) verbindet Informatik mit Friedens- und Sicherheitsforschung. Er hält Doktorgrade in Wirtschaftsinformatik (Siegen) sowie in Sicherheitspolitik (Nijmegen). Mit einem Fokus auf Cybersicherheit und -Privatheit, Friedens- und Konfliktforschung sowie Mensch-Computer-Interaktion adressiert er und sein Team die Themenfelder Friedensinformatik, Kriseninformatik und Informationskrieg sowie Benutzbare Sicherheit und Privatheit.
Christian Reuter studierte an der Universität Siegen und der École Supérieure de Commerce de Dijon (Dipl.-Wirt.Inf.; M.Sc.) und arbeitete anschließend als IT-Consultant. Er promovierte in Wirtschaftsinformatik an der Universität Siegen (Technologiedesign für (inter-)organisationales Krisenmanagement) sowie in Sicherheitspolitik an der Radboud Universiteit Nijmegen (Soziale Medien für die Öffentliche Sicherheit). Nach Rufen mehrerer Universitäten wurde er 2017 zum Universitätsprofessor an der Technischen Universität Darmstadt ernannt. Er ist Mitglied des Fachbereichs Informatik, dem er seit 2021 als Dekan/Prodekan vorsteht, und Zweitmitglied des Fachbereichs Gesellschafts- und Geschichtswissenschaften.
Seine oft interdisziplinäre Forschung wird regelmäßig ausgezeichnet, hat etwa 400 wissenschaftlichen Publikationen hervorgebracht und fand Erwähnung in verschiedensten Medien (u.a. ARD, FAZ, ZEIT). Zusammen mit seinem Team koordiniert er Forschungsprojekte (z.B. BMBF, DFG, EU) und betreut erfolgreich Doktorand:innen. Er engagiert sich in der Universität (z.B. als Dekan, als Profilthemensprecher, in Fachbereichsrat, Prüfungskommission, in Berufungs- und Promotionskommissionen, in der Ethikkommission), in Großprojekten (z.B. als ATHENE-Forschungsbereichsleiter oder DFG-SFB-Direktoriumsmitglied), in Fachgesellschaften (z.B. Gesellschaft für Informatik, verschiedene Beiräte) sowie als Hauptorganisator wissenschaftlicher Konferenzen (z.B. Mensch und Computer ‘22, Science Peace Security ’19 und ’23) und in wissenschaftlichen Herausgebergremien (z.B. Behaviour & Information Technology). Als IT-Unternehmer realisiert er seit 2002 Web-Projekte.
Pictures/Press
Profilfoto: mittel | groß | PEASEC-Logo: klein | mittel | groß | Vektor
Alternativen:
Source: PEASEC/TU Darmstadt
Positions
Fachbereiche:
- Fachbereich Informatik (Mitglied 2017-, Prodekan 2021-2023, Dekan 2023-2025)
- Fachbereich Gesellschafts- und Geschichtswissenschaften (Zweitmitglied 2018-)
Großprojekte:
- TU-Profilthema Cybersicherheit und Privatheit (PI, stv. Sprecher 2021-)
- TU-Profilbereich Cybersicherheit (CYSEC) (PI 2017-2020)
- Nationales Forschungszentrum für angewandte Cybersicherheit ATHENE (PI, Missions-/Forschungsbereichsleiter 2020-)
- Center for Research in Security and Privacy (CRISP 2017-2019, in ATHENE überführt)
- LOEWE-Zentrum emergenCITY (PI, Leiter der Graduiertenschule 2020-2023)
- DFG Sonderforschungsbereich CROSSING (PI 2018-2026, Mitglied des Direktoriums 2019-2026)
- DFG Sonderforschungsbereich MAKI (assoz. PI 2018-2019)
- DFG Graduiertenkolleg Privacy & Trust (PI 2020-2024)
- BMBF Forschungszentrum „Transformations of Political Violence“ (TraCe) (PI 2022-2026)
Kommissionen:
- Fachbereichsrat (Mitglied, 2021-2025, Vorsitzender, 2023-2025)
- Ethikkommission (stv. Vorsitzender, 2017-2021, komm. Vorsitzender 2020-2021)
- Prüfungskommission Informatik (Mitglied, 2019-2022)
- Promotionsausschuss (Vorsitzender, 2022-2025)
- div. Promotionskommissionen (Mitglied und Vorsitzender, 2018-)
- div. Habilitationskommission (Mitglied, 2017-)
- div. TU-Berufungskomissionen (z.B. W3 Digital Humanities, W3 Friedens- und Konfliktforschung, W3 Computernetze und Verteilte Systeme, W2 Naturwissenschaftliche Friedensforschung, W3 Friedens- und Konfliktforschung: transnationale Akteure) (Mitglied)
- div. TU-Berufungskomissionen (z.B. W2TT Mensch-Computer-Interaktion, IRG Natural Language Processing, W1 Mobile Mensch-Computer-Interaktion) (Vorsitzender)
- div. externe Berufungskommissionen (z.B. Hamburg, Lübeck, Münster, Wuppertal) (Mitglied und Gutachter)
Weitere TU-interne Mitgliedschaften:
- Interdisziplinäre Arbeitsgruppe Naturwissenschaft, Technik und Sicherheit (IANUS) (Co-Sprecher 2017-)
- AG Interdisziplinäre Stadtforschung (Mitglied 2019-)
Weitere externe Mitgliedschaften:
- Ethik- und Technologiebeirat der Digitalstadt Darmstadt (Mitglied 2018-2021)
- BMBF Forschungsgruppe KontiKat (Leitender Mentor 2017-2021)
- Gesellschaft für Informatik – Fachgruppe „Usable Safety & Security” (Gründungssprecher 2015-2019, stv. Sprecher 2019-, Leitungsgremium 2015-)
- Gesellschaft für Informatik – Fachbereich „Mensch-Computer-Interaktion” (Mitglied; Mitglied des Leitungsgremiums 2015-2019, 2021-2025)
- Deutsche Stiftung Friedensforschung (Mitglied im wissenschaftlichen Beirat)
- Forschungsverbund Naturwissenschaft, Abrüstung und internationale Sicherheit (FONAS) (Mitglied; Leiter einer tragenden Gruppe)
- EU Non-Proliferation and Disarmament Consortium (Mitglied)
Publications (→all publications of his group)
Small Selection (~30)
2024
[BibTeX] [Abstract] [Download PDF]
Browser cookies, especially those from third parties, pose a threat to individual privacy. While it is possible in principle to control the number of cookies accepted, this choice is often neither usable nor truly informed. To address this issue, this study used semi-structured interviews (N=19) to identify attitudes and user requirements to develop an alternative personalised cookie banner, which was evaluated in an online experiment (N=157). The cookie banner explanations were tailored to the privacy knowledge of three groups of users: low, medium and high. The online experiment measured cookie choices and perceived usability of the cookie banner across three groups: an experimental group that viewed the novel cookie banner with personalisation (personalised privacy assistant), a control group that viewed the novel cookie banner without personalisation (privacy assistant) and a control group that viewed the standard cookie banner provided by the website. The results indicate that the novel cookie banner (with or without personalisation) generally resulted in significantly fewer accepted cookies and increased usability compared to the standard cookie window. In addition, the personalised cookie banner resulted in significantly fewer accepted cookies and higher usability than the non-personalised cookie banner. These results suggest that tailoring cookie banners to users‘ privacy knowledge can be an effective approach to empowering users to make informed choices and better protect their privacy.
@article{biselli_supporting_2024,
title = {Supporting {Informed} {Choices} about {Browser} {Cookies}: {The} {Impact} of {Personalised} {Cookie} {Banners}},
url = {https://petsymposium.org/popets/2024/popets-2024-0011.pdf},
doi = {https://doi.org/10.56553/popets-2024-0011},
abstract = {Browser cookies, especially those from third parties, pose a threat to individual privacy. While it is possible in principle to control the number of cookies accepted, this choice is often neither usable nor truly informed. To address this issue, this study used semi-structured interviews (N=19) to identify attitudes and user requirements to develop an alternative personalised cookie banner, which was evaluated in an online experiment (N=157). The cookie banner explanations were tailored to the privacy knowledge of three groups of users: low, medium and high. The online experiment measured cookie choices and perceived usability of the cookie banner across three groups: an experimental group that viewed the novel cookie banner with personalisation (personalised privacy assistant), a control group that viewed the novel cookie banner without personalisation (privacy assistant) and a control group that viewed the standard cookie banner provided by the website. The results indicate that the novel cookie banner (with or without personalisation) generally resulted in significantly fewer accepted cookies and increased usability compared to the standard cookie window. In addition, the personalised cookie banner resulted in significantly fewer accepted cookies and higher usability than the non-personalised cookie banner. These results suggest that tailoring cookie banners to users' privacy knowledge can be an effective approach to empowering users to make informed choices and better protect their privacy.},
number = {1},
journal = {Proceedings on Privacy Enhancing Technologies (PoPETs)},
author = {Biselli, Tom and Utz, Laura and Reuter, Christian},
year = {2024},
keywords = {Student, Security, UsableSec, HCI, Projekt-CROSSING, A-Paper, AuswahlUsableSec, Selected, Ranking-CORE-A},
pages = {171--191},
}
[BibTeX] [Abstract] [Download PDF]
Misinformation poses a recurrent challenge for video-sharing platforms (VSPs) like TikTok. Obtaining user perspectives on digital interventions addressing the need for transparency (e.g., through indicators) is essential. This article offers a thorough examination of the comprehensibility, usefulness, and limitations of an indicator-based intervention from an adolescents’ perspective. This study (𝑁 = 39; aged 13-16 years) comprised two qualitative steps: (1) focus group discussions and (2) think-aloud sessions, where participants engaged with a smartphone-app for TikTok. The results offer new insights into how video-based indicators can assist adolescents’ assessments. The intervention received positive feedback, especially for its transparency, and could be applicable to new content. This paper sheds light on how adolescents are expected to be experts while also being prone to video-based misinformation, with limited understanding of an intervention’s limitations. By adopting teenagers’ perspectives, we contribute to HCI research and provide new insights into the chances and limitations of interventions for VSPs.
@inproceedings{hartwig_adolescents_2024,
address = {New York, NY, USA},
series = {{CHI} '24},
title = {From {Adolescents}' {Eyes}: {Assessing} an {Indicator}-{Based} {Intervention} to {Combat} {Misinformation} on {TikTok}},
isbn = {9798400703300},
url = {https://doi.org/10.1145/3613904.3642264},
doi = {10.1145/3613904.3642264},
abstract = {Misinformation poses a recurrent challenge for video-sharing platforms (VSPs) like TikTok. Obtaining user perspectives on digital interventions addressing the need for transparency (e.g., through indicators) is essential. This article offers a thorough examination of the comprehensibility, usefulness, and limitations of an indicator-based intervention from an adolescents’ perspective. This study (𝑁 = 39; aged 13-16 years) comprised two qualitative steps: (1) focus group discussions and (2) think-aloud sessions, where participants
engaged with a smartphone-app for TikTok. The results offer new insights into how video-based indicators can assist adolescents’ assessments. The intervention received positive feedback, especially for its transparency, and could be applicable to new content. This paper sheds light on how adolescents are expected to be experts while also being prone to video-based misinformation, with limited understanding of an intervention’s limitations. By adopting
teenagers’ perspectives, we contribute to HCI research and provide new insights into the chances and limitations of interventions for VSPs.},
booktitle = {Proceedings of the {Conference} on {Human} {Factors} in {Computing} {Systems} ({CHI})},
publisher = {Association for Computing Machinery},
author = {Hartwig, Katrin and Biselli, Tom and Schneider, Franziska and Reuter, Christian},
year = {2024},
keywords = {Security, UsableSec, HCI, A-Paper, Ranking-CORE-A*, Selected, AuswahlCrisis, Projekt-ATHENE-PriVis, Projekt-NEBULA},
}
[BibTeX] [Abstract] [Download PDF]
Misinformation represent a key challenge for society. User-centered misinformation interventions as digital countermeasures that exert a direct influence on users represent a promising means to deal with the large amounts of information available. While an extensive body of research on this topic exists, researchers are confronted with a diverse research landscape spanning multiple disciplines. This review systematizes the landscape of user-centered misinformation interventions to facilitate knowledge transfer, identify trends, and enable informed decision-making. Over 3,700 scholarly publications were screened and a systematic literature review (N=108) was conducted. A taxonomy was derived regarding intervention design (e.g., binary label), user interaction (active or passive), and timing (e.g., post exposure to misinformation). We provide a structured overview of approaches across multiple disciplines, and derive six overarching challenges for future research.
@article{hartwig_landscape_2024,
title = {The {Landscape} of {User}-centered {Misinformation} {Interventions} – {A} {Systematic} {Literature} {Review}},
volume = {56},
issn = {0360-0300},
url = {https://peasec.de/paper/2024/2024_HartwigDoellReuter_LandscapeUserCentredMisinfoInterventions_CSUR.pdf},
doi = {10.1145/3674724},
abstract = {Misinformation represent a key challenge for society. User-centered misinformation interventions as digital countermeasures that exert a direct influence on users represent a promising means to deal with the large amounts of information available. While an extensive body of research on this topic exists, researchers are confronted with a diverse research landscape spanning multiple disciplines. This review systematizes the landscape of user-centered misinformation interventions to facilitate knowledge transfer, identify trends, and enable informed decision-making. Over 3,700 scholarly publications were screened and a systematic literature review (N=108) was conducted. A taxonomy was derived regarding intervention design (e.g., binary label), user interaction (active or passive), and timing (e.g., post exposure to misinformation). We provide a structured overview of approaches across multiple disciplines, and derive six overarching challenges for future research.},
number = {11},
journal = {ACM Computing Surveys (CSUR)},
author = {Hartwig, Katrin and Doell, Frederic and Reuter, Christian},
month = jul,
year = {2024},
keywords = {Peace, Student, HCI, A-Paper, Ranking-CORE-A*, Selected, Projekt-NEBULA, Ranking-ImpactFactor},
}
[BibTeX] [Abstract] [Download PDF]
Computer Emergency Response Teams (CERTs) have been established in the public sector globally to provide advisory, preventive and reactive cybersecurity services for government agencies, citizens, and businesses. Nevertheless, their responsibility of monitoring, analyzing, and communicating cyber threats and security vulnerabilities have become increasingly challenging due to the growing volume and varying quality of information disseminated through public and social channels. Based on a design case study conducted from 2021 to 2023, this paper combines three iterations of expert interviews (N=25), design workshops (N=4) and cognitive walkthroughs (N=25) to design an automated, cross-platform and real-time cybersecurity dashboard. By adopting the notion of cyber situational awareness, the study further extracts user requirements and design heuristics for enhanced threat intelligence and mission awareness in CERTs, discussing the aspects of source integration, data management, customizable visualization, relationship awareness, information assessment, software integration, (inter-)organizational collaboration, and communication of stakeholder warnings.
@inproceedings{kaufhold_we_2024,
address = {New York, NY, USA},
series = {{CHI} '24},
title = {'{We} {Do} {Not} {Have} the {Capacity} to {Monitor} {All} {Media}': {A} {Design} {Case} {Study} on {Cyber} {Situational} {Awareness} in {Computer} {Emergency} {Response} {Teams}},
isbn = {9798400703300},
url = {https://peasec.de/paper/2024/2024_KaufholdRiebeBayerReuter_CertDesignCaseStudy_CHI.pdf},
doi = {10.1145/3613904.3642368},
abstract = {Computer Emergency Response Teams (CERTs) have been established in the public sector globally to provide advisory, preventive and reactive cybersecurity services for government agencies, citizens, and businesses. Nevertheless, their responsibility of monitoring, analyzing, and communicating cyber threats and security vulnerabilities have become increasingly challenging due to the growing volume and varying quality of information disseminated through public and social channels. Based on a design case study conducted from 2021 to 2023, this paper combines three iterations of expert interviews (N=25), design workshops (N=4) and cognitive walkthroughs (N=25) to design an automated, cross-platform and real-time cybersecurity dashboard. By adopting the notion of cyber situational awareness, the study further extracts user requirements and design heuristics for enhanced threat intelligence and mission awareness in CERTs, discussing the aspects of source integration, data management, customizable visualization, relationship awareness, information assessment, software integration, (inter-)organizational collaboration, and communication of stakeholder warnings.},
booktitle = {Proceedings of the {Conference} on {Human} {Factors} in {Computing} {Systems} ({CHI}) ({Best} {Paper} {Award})},
publisher = {Association for Computing Machinery},
author = {Kaufhold, Marc-André and Riebe, Thea and Bayer, Markus and Reuter, Christian},
year = {2024},
keywords = {Security, UsableSec, HCI, Projekt-CYWARN, Projekt-ATHENE-CyAware, Projekt-CYLENCE, A-Paper, AuswahlKaufhold, AuswahlUsableSec, Ranking-CORE-A*, Selected},
}
[BibTeX] [Abstract] [Download PDF]
Farm Management Information Systems (FMIS) are an important core component of modern farming companies as they allow, e.g., to document activities, create fertilization plans, and feed digital equipment with required data. Since the entire agricultural sector is an essential component of food production, high standards of resilience should be established in the involved companies. Accordingly, the used software should also be designed with high standards on reliability and crisis capability. Based on a literature review, we found that software for farmers with certain resilience needs is lacking. Thus, we designed and evaluated a new FMIS concept with the user-centered design method. By conducting focus groups (two rounds, total N=57) in 2017 and 2019, we raised specific front-end and back-end requirements of farmers. Based on the requirements, we developed our concept for both front- and back-end in terms of a decentralized and offline-working FMIS. Through the evaluation with practitioners (N=16) of the implemented concept, we derived findings and implications, highlighting the need for privacy, stability, and offline-capability, as well as the UI-requirement to be supportive, e.g., with easy to understand icons and terms.
@article{kuntke_geobox_2024,
title = {{GeoBox}: {Design} and {Evaluation} of a {Tool} for {Resilient} and {Decentralized} {Data} {Management} in {Agriculture}},
volume = {43},
issn = {0144-929X},
url = {https://peasec.de/paper/2023/2023_KuntkeKaufholdLinsnerReuter_GeoBox_BIT.pdf},
doi = {10.1080/0144929X.2023.2185747},
abstract = {Farm Management Information Systems (FMIS) are an important core component of modern farming companies as they allow, e.g., to document activities, create fertilization plans, and feed digital equipment with required data. Since the entire agricultural sector is an essential component of food production, high standards of resilience should be established in the involved companies. Accordingly, the used software should also be designed with high standards on reliability and crisis capability. Based on a literature review, we found that software for farmers with certain resilience needs is lacking. Thus, we designed and evaluated a new FMIS concept with the user-centered design method. By conducting focus groups (two rounds, total N=57) in 2017 and 2019, we raised specific front-end and back-end requirements of farmers. Based on the requirements, we developed our concept for both front- and back-end in terms of a decentralized and offline-working FMIS. Through the evaluation with practitioners (N=16) of the implemented concept, we derived findings and implications, highlighting the need for privacy, stability, and offline-capability, as well as the UI-requirement to be supportive, e.g., with easy to understand icons and terms.},
number = {4},
journal = {Behaviour \& Information Technology (BIT)},
author = {Kuntke, Franz and Kaufhold, Marc-André and Linsner, Sebastian and Reuter, Christian},
month = mar,
year = {2024},
note = {Publisher: Taylor \& Francis},
keywords = {Projekt-AgriRegio, Projekt-GeoBox, Security, UsableSec, A-Paper, AuswahlUsableSec, Selected, Ranking-CORE-A, Ranking-ImpactFactor},
pages = {764--786},
}
[BibTeX] [Abstract] [Download PDF]
In many scenarios users have to communicate sensitive data with third parties such as doctors, lawyers, insurance companies, social workers or online shops. Handing over personal data is necessary to use those services but the delegation of tasks to increase efficiency still poses the risk that personal data might be leaked. To minimize this risk and further enhance the privacy of users, we propose an interaction concept that uses layered encryption of messages to provide a trade-off between privacy and usability. Users can choose which data is additionally encrypted in an inner layer, say, for the eyes of their doctor only, and which data is available in an outer (encrypted or unencrypted) layer for all staff members. Another benefit is the hiding of sensitive data from package inspection or crawling algorithms over emails, while less critical parts can still be processed by these systems via the partial access. To investigate this concept, we derive relevant use cases for form-based communication over email from a quantitative pre-study with 1011 participants, showing that general practitioners are the most suitable use case. We developed demonstrators for this use case and evaluated them in a qualitative study with 42 participants. Our results show that the possibility of minimizing the propagation of sensitive data through additional encryption is highly appreciated and the usage of form-based communication is a promising approach for the digital transformation.
@article{linsner_decision-based_2024,
title = {Decision-based {Data} {Distribution} ({D}³): {Enabling} {Users} to {Minimize} {Data} {Propagation} in {Privacy}-sensitive {Scenarios}},
issn = {2299-0984},
url = {https://petsymposium.org/popets/2024/popets-2024-0113.php},
doi = {10.56553/popets-2024-0113},
abstract = {In many scenarios users have to communicate sensitive data with third parties such as doctors, lawyers, insurance companies, social workers or online shops. Handing over personal data is necessary to use those services but the delegation of tasks to increase efficiency still poses the risk that personal data might be leaked. To minimize this risk and further enhance the privacy of users, we propose an interaction concept that uses layered encryption of messages to provide a trade-off between privacy and usability. Users can choose which data is additionally encrypted in an inner layer, say, for the eyes of their doctor only, and which data is available in an outer (encrypted or unencrypted) layer for all staff members. Another benefit is the hiding of sensitive data from package inspection or crawling algorithms over emails, while less critical parts can still be processed by these systems via the partial access. To investigate this concept, we derive relevant use cases for form-based communication over email from a quantitative pre-study with 1011 participants, showing that general practitioners are the most suitable use case. We developed demonstrators for this use case and evaluated them in a qualitative study with 42 participants. Our results show that the possibility of minimizing the propagation of sensitive data through additional encryption is highly appreciated and the usage of form-based communication is a promising approach for the digital transformation.},
number = {4},
journal = {Proceedings on Privacy Enhancing Technologies (PoPETs)},
author = {Linsner, Sebastian and Demuth, Kilian and Fischlin, Marc and Reuter, Christian},
year = {2024},
keywords = {Security, UsableSec, HCI, Projekt-CROSSING, A-Paper, Selected, Projekt-ATHENE-PriVis, Ranking-CORE-A},
}
[BibTeX] [Abstract] [Download PDF]
Technological and scientific progress, especially the rapid development in information technology (IT) and artificial intelligence (AI), plays a crucial role regarding questions of peace and security. This textbook, extended and updated in its second edition, addresses the significance, potential of IT, as well as the challenges it poses, with regard to peace and security. It introduces the reader to the concepts of peace, conflict, and security research, especially focusing on natural, technical and computer science perspectives. In the following sections, it sheds light on cyber conflicts, war and peace, cyber arms control, cyber attribution, infrastructures, artificial intelligence, as well ICT in peace and conflict.
@book{reuter_information_2024,
address = {Wiesbaden, Germany},
edition = {2},
title = {Information {Technology} for {Peace} and {Security} - {IT} {Applications} and {Infrastructures} in {Conflicts}, {Crises}, {War}, and {Peace}},
isbn = {978-3-658-44809-7},
url = {https://doi.org/10.1007/978-3-658-44810-3},
abstract = {Technological and scientific progress, especially the rapid development in information technology (IT) and artificial intelligence (AI), plays a crucial role regarding questions of peace and security. This textbook, extended and updated in its second edition, addresses the significance, potential of IT, as well as the challenges it poses, with regard to peace and security.
It introduces the reader to the concepts of peace, conflict, and security research, especially focusing on natural, technical and computer science perspectives. In the following sections, it sheds light on cyber conflicts, war and peace, cyber arms control, cyber attribution, infrastructures, artificial intelligence, as well ICT in peace and conflict.},
publisher = {Springer Vieweg},
author = {Reuter, Christian},
year = {2024},
keywords = {Peace, Projekt-TraCe, Security, Projekt-CROSSING, Selected, Cyberwar, AuswahlPeace, Infrastructure},
}
2023
[BibTeX] [Abstract] [Download PDF]
Data augmentation, the artificial creation of training data for machine learning by transformations, is a widely studied research field across machine learning disciplines. While it is useful for increasing a model’s generalization capabilities, it can also address many other challenges and problems, from overcoming a limited amount of training data, to regularizing the objective, to limiting the amount data used to protect privacy. Based on a precise description of the goals and applications of data augmentation and a taxonomy for existing works, this survey is concerned with data augmentation methods for textual classification and aims to provide a concise and comprehensive overview for researchers and practitioners. Derived from the taxonomy, we divide more than 100 methods into 12 different groupings and give state-of-the-art references expounding which methods are highly promising by relating them to each other. Finally, research perspectives that may constitute a building block for future work are provided.
@article{bayer_survey_2023,
title = {A {Survey} on {Data} {Augmentation} for {Text} {Classification}},
volume = {55},
url = {https://dl.acm.org/doi/pdf/10.1145/3544558},
doi = {10.1145/3544558},
abstract = {Data augmentation, the artificial creation of training data for machine learning by transformations, is a widely studied research field across machine learning disciplines. While it is useful for increasing a model's generalization capabilities, it can also address many other challenges and problems, from overcoming a limited amount of training data, to regularizing the objective, to limiting the amount data used to protect privacy. Based on a precise description of the goals and applications of data augmentation and a taxonomy for existing works, this survey is concerned with data augmentation methods for textual classification and aims to provide a concise and comprehensive overview for researchers and practitioners. Derived from the taxonomy, we divide more than 100 methods into 12 different groupings and give state-of-the-art references expounding which methods are highly promising by relating them to each other. Finally, research perspectives that may constitute a building block for future work are provided.},
number = {7},
journal = {ACM Computing Surveys (CSUR)},
author = {Bayer, Markus and Kaufhold, Marc-André and Reuter, Christian},
year = {2023},
keywords = {Crisis, Projekt-CYWARN, Projekt-emergenCITY, Projekt-ATHENE-SecUrban, A-Paper, AuswahlKaufhold, Ranking-CORE-A*, Selected, AuswahlCrisis, Ranking-ImpactFactor},
pages = {1--39},
}
[BibTeX] [Abstract] [Download PDF]
Warning apps are used by many to receive warnings about imminent disasters. However, their potential for increasing awareness about general hazards and for increasing preparedness is currently underused. With a mixed-method design that includes a representative survey of the German population, a design workshop and an app evaluation experiment, this study investigates users’ preferences regarding non-acute preparedness alerts’ inclusion in crisis apps and the effectiveness of Nudging in this context. The experiment shows that while the social influence nudge had no significant effect compared to the control group without a nudging condition, the confrontational nudge increased the number of taken recommended preparedness measures. The evaluation indicates that the preparedness alerts increased users’ knowledge and their motivation to use a warning app. This motivation is, in contrast, decreased when the messages are perceived as a disruption. While many oppose push notifications, favor finding persuasively designed preparedness advice in a separate menu or as an optional notification.
@article{haunschild_preparedness_2023,
title = {Preparedness {Nudging} for {Warning} {Apps}? {A} {Mixed}-{Method} {Study} {Investigating} {Popularity} and {Effects} of {Preparedness} {Alerts} in {Warning} {Apps}},
volume = {172},
issn = {1071-5819},
url = {https://peasec.de/paper/2023/2023_HaunschildPauliReuter_NudgingWarningApps_IJHCS.pdf},
doi = {https://doi.org/10.1016/j.ijhcs.2023.102995},
abstract = {Warning apps are used by many to receive warnings about imminent disasters. However, their potential for increasing awareness about general hazards and for increasing preparedness is currently underused. With a mixed-method design that includes a representative survey of the German population, a design workshop and an app evaluation experiment, this study investigates users’ preferences regarding non-acute preparedness alerts’ inclusion in crisis apps and the effectiveness of Nudging in this context. The experiment shows that while the social influence nudge had no significant effect compared to the control group without a nudging condition, the confrontational nudge increased the number of taken recommended preparedness measures. The evaluation indicates that the preparedness alerts increased users’ knowledge and their motivation to use a warning app. This motivation is, in contrast, decreased when the messages are perceived as a disruption. While many oppose push notifications, favor finding persuasively designed preparedness advice in a separate menu or as an optional notification.},
journal = {International Journal on Human-Computer Studies (IJHCS)},
author = {Haunschild, Jasmin and Pauli, Selina and Reuter, Christian},
year = {2023},
keywords = {Student, Crisis, Projekt-emergenCITY, Projekt-ATHENE-SecUrban, A-Paper, Selected, AuswahlCrisis, Ranking-ImpactFactor},
pages = {102995},
}
[BibTeX] [Abstract] [Download PDF]
Cyberspace is a fragile construct threatened by malicious cyber operations of different actors, with vulnerabilities in IT hardware and software forming the basis for such activities, thus also posing a threat to global IT security. Advancements in the field of artificial intelligence accelerate this development, either with artificial intelligence enabled cyber weapons, automated cyber defense measures, or artificial intelligence-based threat and vulnerability detection. Especially state actors, with their long-term strategic security interests, often stockpile such knowledge of vulnerabilities and exploits to enable their military or intelligence service cyberspace operations. While treaties and regulations to limit these developments and to enhance global IT security by disclosing vulnerabilities are currently being discussed on the international level, these efforts are hindered by state concerns about the disclosure of unique knowledge and about giving up tactical advantages. This leads to a situation where multiple states are likely to stockpile at least some identical exploits, with technical measures to enable a depletion process for these stockpiles that preserve state secrecy interests and consider the special constraints of interacting states as well as the requirements within such environments being non-existent. This paper proposes such a privacy-preserving approach that allows multiple state parties to privately compare their stock of vulnerabilities and exploits to check for items that occur in multiple stockpiles without revealing them so that their disclosure can be considered. We call our system ExTRUST and show that it is scalable and can withstand several attack scenarios. Beyond the intergovernmental setting, ExTRUST can also be used for other zero-trust use cases, such as bug-bounty programs.
@article{reinhold_extrust_2023,
title = {{ExTRUST}: {Reducing} {Exploit} {Stockpiles} {With} a {Privacy}-{Preserving} {Depletion} {Systems} for {Inter}-{State} {Relationships}},
volume = {4},
url = {https://peasec.de/paper/2023/2023_ReinholdKuehnGuentherSchneiderReuter_ExTrust-ehem-BlockED_TTaS.pdf},
doi = {10.1109/TTS.2023.3280356},
abstract = {Cyberspace is a fragile construct threatened by malicious cyber operations of different actors, with vulnerabilities in IT hardware and software forming the basis for such activities, thus also posing a threat to global IT security. Advancements in the field of artificial intelligence accelerate this development, either with artificial intelligence enabled cyber weapons, automated cyber defense measures, or artificial intelligence-based threat and vulnerability detection. Especially state actors, with their long-term strategic security interests, often stockpile such knowledge of vulnerabilities and exploits to enable their military or intelligence service cyberspace operations. While treaties and regulations to limit these developments and to enhance global IT security by disclosing vulnerabilities are currently being discussed on the international level, these efforts are hindered by state concerns about the disclosure of unique knowledge and about giving up tactical advantages. This leads to a situation where multiple states are likely to stockpile at least some identical exploits, with technical measures to enable a depletion process for these stockpiles that preserve state secrecy interests and consider the special constraints of interacting states as well as the requirements within such environments being non-existent. This paper proposes such a privacy-preserving approach that allows multiple state parties to privately compare their stock of vulnerabilities and exploits to check for items that occur in multiple stockpiles without revealing them so that their disclosure can be considered. We call our system ExTRUST and show that it is scalable and can withstand several attack scenarios. Beyond the intergovernmental setting, ExTRUST can also be used for other zero-trust use cases, such as bug-bounty programs.},
number = {2},
journal = {IEEE Transactions on Technology and Society},
author = {Reinhold, Thomas and Kuehn, Philipp and Günther, Daniel and Schneider, Thomas and Reuter, Christian},
year = {2023},
keywords = {Peace, Student, Projekt-ATHENE-SecUrban, Projekt-CROSSING, A-Paper, Selected, Cyberwar, AuswahlPeace, Projekt-GRKPrivacy},
pages = {158--170},
}
2022
[BibTeX] [Abstract] [Download PDF]
The backbone network of submarine communication cables (SCC) carries 98\% of international internet traffic. Coastal and island states strongly depend on this physical internet infrastructure to provide internet connectivity. Although about 100 SCC breakdowns of human or natural origin occur at yearly average, a literature review reveals that there is no approach to assess individual state vulnerability to SCC failure in global comparison. In this article, the global SCC network is modeled based on publicly available data. Besides the analysis of the global network properties, a focus is put on remaining bandwidth capacities in three different failure scenario simulations of SCC breakdowns. As a result, this study identifies 15 highly vulnerable states and overseas territories, and another 28 territories that are classified as partially vulnerable to SCC failures. Since economic market decisions shape the structure of the SCC network, an uneven distribution of redundancies and the resulting vulnerability of disadvantaged economies can be confirmed. Therefore, the study’s findings may contribute to a better assessment of the necessity of preventive protection measures of critical telecommunication infrastructures in states and territories characterized by high and medium vulnerability.
@article{franken_digital_2022,
title = {The {Digital} {Divide} in {State} {Vulnerability} to {Submarine} {Communications} {Cable} {Failure}},
volume = {38},
url = {https://peasec.de/paper/2022/2022_FrankenReinholdReichertReuter_DigitalDivideStateVulnerabilitySubmarineCommunicationsCable_IJCIP.pdf},
doi = {10.1016/j.ijcip.2022.100522},
abstract = {The backbone network of submarine communication cables (SCC) carries 98\% of international internet traffic. Coastal and island states strongly depend on this physical internet infrastructure to provide internet connectivity. Although about 100 SCC breakdowns of human or natural origin occur at yearly average, a literature review reveals that there is no approach to assess individual state vulnerability to SCC failure in global comparison. In this article, the global SCC network is modeled based on publicly available data. Besides the analysis of the global network properties, a focus is put on remaining bandwidth capacities in three different failure scenario simulations of SCC breakdowns. As a result, this study identifies 15 highly vulnerable states and overseas territories, and another 28 territories that are classified as partially vulnerable to SCC failures. Since economic market decisions shape the structure of the SCC network, an uneven distribution of redundancies and the resulting vulnerability of disadvantaged economies can be confirmed. Therefore, the study's findings may contribute to a better assessment of the necessity of preventive protection measures of critical telecommunication infrastructures in states and territories characterized by high and medium vulnerability.},
number = {100522},
journal = {International Journal of Critical Infrastructure Protection (IJCIP)},
author = {Franken, Jonas and Reinhold, Thomas and Reichert, Lilian and Reuter, Christian},
year = {2022},
keywords = {Student, Projekt-AgriRegio, Security, Projekt-ATHENE-SecUrban, A-Paper, Selected, Ranking-ImpactFactor, AuswahlPeace},
pages = {1--15},
}
[BibTeX] [Abstract] [Download PDF]
Nudging users to keep them secure online has become a growing research field in cybersecurity. While existing approaches are mainly blackbox based, showing aggregated visualisations as one-size-fits-all nudges, personalisation turned out promising to enhance the efficacy of nudges within the high variance of users and contexts. This article presents a disaggregated whitebox-based visualisation of critical information as a novel nudge. By segmenting users according to their decision-making and information processing styles, we investigate if the novel nudge is more effective for specific users than a common black-box nudge. Based on existing literature about critical factors in password security, we designed a dynamic radar chart and parallel coordinates as disaggregated visualisations. We evaluated the short-term effectiveness and users‘ perception of the nudges in a think-aloud prestudy and a representative online evaluation (N=1.012). Our findings suggest that dynamic radar charts present a moderately effective nudge towards stronger passwords regarding short-term efficacy and are appreciated particularly by players of role-playing games.
@article{hartwig_nudging_2022,
title = {Nudging {Users} {Towards} {Better} {Security} {Decisions} in {Password} {Creation} {Using} {Whitebox}-based {Multidimensional} {Visualizations}},
volume = {41},
url = {https://peasec.de/paper/2022/2022_HartwigReuter_WhiteboxMultidimensionalNudges_BIT.pdf},
doi = {10.1080/0144929X.2021.1876167},
abstract = {Nudging users to keep them secure online has become a growing research field in cybersecurity. While existing approaches are mainly blackbox based, showing aggregated visualisations as one-size-fits-all nudges, personalisation turned out promising to enhance the efficacy of nudges within the high variance of users and contexts. This article presents a disaggregated whitebox-based visualisation of critical information as a novel nudge. By segmenting users according to their decision-making and information processing styles, we investigate if the novel nudge is more effective for specific users than a common black-box nudge. Based on existing literature about critical factors in password security, we designed a dynamic radar chart and parallel coordinates as disaggregated visualisations. We evaluated the short-term effectiveness and users' perception of the nudges in a think-aloud prestudy and a representative online evaluation (N=1.012). Our findings suggest that dynamic radar charts present a moderately effective nudge towards stronger passwords regarding short-term efficacy and are appreciated particularly by players of role-playing games.},
number = {7},
journal = {Behaviour \& Information Technology (BIT)},
author = {Hartwig, Katrin and Reuter, Christian},
year = {2022},
keywords = {Security, UsableSec, HCI, Projekt-ATHENE-FANCY, Projekt-CROSSING, A-Paper, AuswahlUsableSec, Selected, Ranking-CORE-A, Ranking-ImpactFactor},
pages = {1357--1380},
}
[BibTeX] [Abstract] [Download PDF]
Agriculture is subject to high demands regarding resilience as it is an essential component of the food production chain. In the agricultural sector, there is an increasing usage of digital tools that rely on communication and energy infrastructures. Should disruption occur, such strengthened dependencies on other infrastructures increase the probability of ripple effects. Thus, there is a need to analyze the resilience of the agricultural sector with a specific focus on the effects of digitalization. This study works out resilience capacities of the interconnected technologies used in farm systems based on the experiences and opinions of farmers. Information was gathered through focus group interviews with farmers (N = 52) and a survey with participants from the agricultural sector (N = 118). In particular, the focus is put on the digital tools and other information and communication technologies they use. Based on a definition of resilience capacities, we evaluate resilience regarding energy and communication demands in various types of farm systems. Especially important are the resilience aspects of modern systems’ digital communication as well as the poorly developed and nonresilient network infrastructure in rural areas that contrast with the claim for a resilient agriculture. The result is a low robustness capacity, as our analysis concludes with the risk of food production losses.
@article{kuntke_resilience_2022,
title = {Resilience in {Agriculture}: {Communication} and {Energy} {Infrastructure} {Dependencies} of {German} {Farmers}},
volume = {13},
issn = {2192-6395},
url = {https://link.springer.com/article/10.1007/s13753-022-00404-7},
doi = {10.1007/s13753-022-00404-7},
abstract = {Agriculture is subject to high demands regarding resilience as it is an essential component of the food production chain. In the agricultural sector, there is an increasing usage of digital tools that rely on communication and energy infrastructures. Should disruption occur, such strengthened dependencies on other infrastructures increase the probability of ripple effects. Thus, there is a need to analyze the resilience of the agricultural sector with a specific focus on the effects of digitalization. This study works out resilience capacities of the interconnected technologies used in farm systems based on the experiences and opinions of farmers. Information was gathered through focus group interviews with farmers (N = 52) and a survey with participants from the agricultural sector (N = 118). In particular, the focus is put on the digital tools and other information and communication technologies they use. Based on a definition of resilience capacities, we evaluate resilience regarding energy and communication demands in various types of farm systems. Especially important are the resilience aspects of modern systems’ digital communication as well as the poorly developed and nonresilient network infrastructure in rural areas that contrast with the claim for a resilient agriculture. The result is a low robustness capacity, as our analysis concludes with the risk of food production losses.},
number = {2},
journal = {International Journal of Disaster Risk Science (IJDRS)},
author = {Kuntke, Franz and Linsner, Sebastian and Steinbrink, Enno and Franken, Jonas and Reuter, Christian},
month = apr,
year = {2022},
keywords = {Projekt-AgriRegio, Projekt-GeoBox, RSF, Security, A-Paper, Selected, Ranking-ImpactFactor, Projekt-HyServ, Ranking-CORE-B, Projekt-GRKPrivacy},
pages = {214--229},
}
[BibTeX] [Abstract] [Download PDF]
Mobilising helpers in the event of a flood or letting friends know that you are okay in the event of a terrorist attack – more and more people are using social media in emergency, crisis or disaster situations. Storms, floods, attacks or pandemics (esp. COVID-19) show that citizens use social media to inform themselves or to coordinate. This thesis presents qualitative and quantitative studies on the attitudes of emergency services and citizens in Europe towards social media in emergencies. Across the individual sub-studies, almost 10,000 people are surveyed including representative studies in the Netherlands, Germany, the UK and Italy. The work empirically shows that social media is increasingly important for emergency services, both for prevention and during crises; that private use of social media is a driving force in shaping opinions for organisational use; and that citizens have high expectations towards authorities, especially monitoring social media is expected, and sometimes responses within one hour. Depending on the risk culture, the data show further differences, e.g. whether the state (Germany) or the individual (Netherlands) is seen as primarily responsible for coping with the situation.
@book{reuter_european_2022,
address = {Nijmegen},
title = {A {European} {Perspective} on {Crisis} {Informatics}: {Citizens}' and {Authorities}' attitudes towards {Social} {Media} for {Public} {Safety} and {Security}},
url = {https://repository.ubn.ru.nl/handle/2066/253000},
abstract = {Mobilising helpers in the event of a flood or letting friends know that you are okay in the event of a terrorist attack – more and more people are using social media in emergency, crisis or disaster situations. Storms, floods, attacks or pandemics (esp. COVID-19) show that citizens use social media to inform themselves or to coordinate. This thesis presents qualitative and quantitative studies on the attitudes of emergency services and citizens in Europe towards social media in emergencies. Across the individual sub-studies, almost 10,000 people are surveyed including representative studies in the Netherlands, Germany, the UK and Italy. The work empirically shows that social media is increasingly important for emergency services, both for prevention and during crises; that private use of social media is a driving force in shaping opinions for organisational use; and that citizens have high expectations towards authorities, especially monitoring social media is expected, and sometimes responses within one hour. Depending on the risk culture, the data show further differences, e.g. whether the state (Germany) or the individual (Netherlands) is seen as primarily responsible for coping with the situation.},
publisher = {The Radboud University Thesis Repository},
author = {Reuter, Christian},
year = {2022},
doi = {10.1007/978-3-658-39720-3},
keywords = {Crisis, HCI, Projekt-emergenCITY, Projekt-ATHENE-SecUrban, Selected, AuswahlCrisis, SocialMedia, Projekt-KontiKat, Projekt-EmerGent, Dissertation},
}
[BibTeX] [Abstract] [Download PDF]
In the digital age, the vision of autonomous vehicles (AVs) is vibrant. Research is being conducted worldwide to inte-grate AVs into our everyday lives in the future, spending consid-erable amounts of money in the development process. Actors from both engineering as well as social sciences are involved in this re-search, with technical disciplines strongly dominating. In addition to perceived progress of numerous newly developed technologies such as AVs, challenges should also be referred to. According to research analysis, the transferability of autonomous cars to the military sphere seems to be frequently forgotten or ignored (dual-use). Since not much research has been conducted in Germany on the potential deployment of autonomous driving development steps into military domains, 25 semi-structured interviews with de-velopers and researchers and actors involved in the field, were conducted in 2020. The paper identifies that the majority of re-spondents interviewed were aware of general existing dual-use de-bates, however, few had reflected about dual-use issues regarding a possible transfer of their own development processes in the con-text of autonomous driving to military applications, intensively. One reason is the small-scale nature of research, another is the complexity of the field, which enables the engineer’s alienation from their responsibility for the artefacts’ use. Moreover, it has become clear that hardly any conversations among colleagues oc-cur about possible misuse and that no standardized policy guide-lines exist, which provide information about possible risk. To raise dual-use awareness, scientific contributions, risk education, and interdisciplinary discussions are essential.
@article{schwartz_vision_2022,
title = {Vision or {Threat} – {Awareness} for {Dual}-{Use} in the {Development} of {Autonomous} {Driving}},
volume = {3},
issn = {2637-6415},
url = {https://www.peasec.de/paper/2022/2022_SchwartzGuntrumReuter_VisionorThreatAwarenessDualUseAutonomousDriving_IEEE-TTS.pdf},
doi = {10.1109/TTS.2022.3182310},
abstract = {In the digital age, the vision of autonomous vehicles (AVs) is vibrant. Research is being conducted worldwide to inte-grate AVs into our everyday lives in the future, spending consid-erable amounts of money in the development process. Actors from both engineering as well as social sciences are involved in this re-search, with technical disciplines strongly dominating. In addition to perceived progress of numerous newly developed technologies such as AVs, challenges should also be referred to. According to research analysis, the transferability of autonomous cars to the military sphere seems to be frequently forgotten or ignored (dual-use). Since not much research has been conducted in Germany on the potential deployment of autonomous driving development steps into military domains, 25 semi-structured interviews with de-velopers and researchers and actors involved in the field, were conducted in 2020. The paper identifies that the majority of re-spondents interviewed were aware of general existing dual-use de-bates, however, few had reflected about dual-use issues regarding a possible transfer of their own development processes in the con-text of autonomous driving to military applications, intensively. One reason is the small-scale nature of research, another is the complexity of the field, which enables the engineer’s alienation from their responsibility for the artefacts’ use. Moreover, it has become clear that hardly any conversations among colleagues oc-cur about possible misuse and that no standardized policy guide-lines exist, which provide information about possible risk. To raise dual-use awareness, scientific contributions, risk education, and interdisciplinary discussions are essential.},
language = {en},
number = {3},
journal = {IEEE Transactions on Technology and Society},
author = {Schwartz, Sebastian and Guntrum, Laura and Reuter, Christian},
year = {2022},
keywords = {Peace, Projekt-TraCe, Projekt-ATHENE-FANCY, A-Paper, Selected, Ranking-ImpactFactor, AuswahlPeace},
pages = {163--174},
}
2021
[BibTeX] [Abstract] [Download PDF]
During crises such as the COVID-19 pandemic, people spontaneously initiate support groups, while establishedorganizations like soccer clubs set non-regular goals, both offering help. Interested in the coordination of suchhelp and potential challenges of collaboration, we conducted a virtual ethnography of a multi-level networklocated in Germany. We focused on aims, activities, and technological mediation, with Activity Theory astheoretical framework. Our findings show that the organizational aim of coordinating help was successfullyachieved by connecting heterogeneous actors through digitization and institutionalization. Enabled by thecontext of the COVID-19 pandemic crisis, the network acted virtually, but was also able to integrate analogspaces of help. We identified six crucial implications regarding the use of technology and collaboration forbuilding a successful volunteering network.
@article{haesler_stronger_2021,
title = {Stronger {Together}: {How} {Neighborhood} {Groups} {Build} up a {Virtual} {Network} during the {COVID}-19 {Pandemic}},
volume = {5},
url = {https://peasec.de/paper/2021/2021_HaeslerSchmidVierneiselReuter_StrongerTogetherVirtualNetworkCOVID19_CSCW.pdf},
abstract = {During crises such as the COVID-19 pandemic, people spontaneously initiate support groups, while establishedorganizations like soccer clubs set non-regular goals, both offering help. Interested in the coordination of suchhelp and potential challenges of collaboration, we conducted a virtual ethnography of a multi-level networklocated in Germany. We focused on aims, activities, and technological mediation, with Activity Theory astheoretical framework. Our findings show that the organizational aim of coordinating help was successfullyachieved by connecting heterogeneous actors through digitization and institutionalization. Enabled by thecontext of the COVID-19 pandemic crisis, the network acted virtually, but was also able to integrate analogspaces of help. We identified six crucial implications regarding the use of technology and collaboration forbuilding a successful volunteering network.},
number = {CSCW2},
journal = {Proceedings of the ACM: Human Computer Interaction (PACM): Computer-Supported Cooperative Work and Social Computing},
author = {Haesler, Steffen and Schmid, Stefka and Vierneisel, Annemike Sophia and Reuter, Christian},
year = {2021},
keywords = {Crisis, HCI, Projekt-emergenCITY, Projekt-ATHENE-SecUrban, A-Paper, Selected, AuswahlCrisis, Ranking-CORE-A},
}
[BibTeX] [Abstract] [Download PDF]
Technological progress can disrupt domains and change the way we work and collaborate. This paper presents a qualitative study with 52 German farmers that investigates the impact of the ongoing digitalization process in agriculture and discusses the implications for privacy research. As in other domains, the introduction of digital tools and services leads to the data itself becoming a resource. Sharing this data with products along the supply chain is favored by retailers and consumers, who benefit from traceability through transparency. However, transparency can pose a privacy risk. Having insight into the business data of others along the supply chain provides an advantage in terms of market position. This is particularly true in agriculture, where there is already a significant imbalance of power between actors. A multitude of small and medium-sized farming businesses are opposed by large upstream and downstream players that drive technological innovation. Further weakening the market position of farmers could lead to severe consequences for the entire sector. We found that on the one hand, privacy behaviors are affected by adoption of digitalization, and on the other hand, privacy itself influences adoption of digital tools. Our study sheds light on the emerging challenges for farmers and the role of privacy in the process of digitalization in agriculture.
@article{linsner_role_2021,
title = {The {Role} of {Privacy} in {Digitalization} – {Analysing} the {German} {Farmers}' {Perspective}},
volume = {2021},
url = {https://www.petsymposium.org/2021/files/papers/issue3/popets-2021-0050.pdf},
doi = {10.2478/popets-2021-0050},
abstract = {Technological progress can disrupt domains
and change the way we work and collaborate. This paper presents a qualitative study with 52 German farmers
that investigates the impact of the ongoing digitalization process in agriculture and discusses the implications for privacy research. As in other domains, the introduction of digital tools and services leads to the data
itself becoming a resource. Sharing this data with products along the supply chain is favored by retailers and
consumers, who benefit from traceability through transparency. However, transparency can pose a privacy risk.
Having insight into the business data of others along the
supply chain provides an advantage in terms of market
position. This is particularly true in agriculture, where
there is already a significant imbalance of power between actors. A multitude of small and medium-sized
farming businesses are opposed by large upstream and
downstream players that drive technological innovation.
Further weakening the market position of farmers could
lead to severe consequences for the entire sector. We
found that on the one hand, privacy behaviors are affected by adoption of digitalization, and on the other
hand, privacy itself influences adoption of digital tools.
Our study sheds light on the emerging challenges for
farmers and the role of privacy in the process of digitalization in agriculture.},
number = {3},
journal = {Proceedings on Privacy Enhancing Technologies (PoPETs)},
author = {Linsner, Sebastian and Kuntke, Franz and Steinbrink, Enno and Franken, Jonas and Reuter, Christian},
year = {2021},
keywords = {Projekt-GeoBox, Security, UsableSec, HCI, A-Paper, AuswahlUsableSec, Selected, Ranking-CORE-A, Ranking-ImpactFactor, Projekt-HyServ, Projekt-GRKPrivacy},
pages = {334--350},
}
[BibTeX] [Abstract] [Download PDF]
Die zweite, aktualisierte Auflage dieses Lehr- und Fachbuchs gibt eine fundierte und praxisbezogene Einführung sowie einen Überblick über Grundlagen, Methoden und Anwendungen der Mensch-Computer-Interaktion im Kontext von Sicherheit, Notfällen, Krisen, Katastrophen, Krieg und Frieden. Dies adressierend werden interaktive, mobile, ubiquitäre und kooperative Technologien sowie soziale Medien vorgestellt. Hierbei finden klassische Themen wie benutzbare (IT-)Sicherheit, Industrie 4.0, Katastrophenschutz, Medizin und Automobil, aber auch Augmented Reality, Crowdsourcing, Shitstorm Management, Social Media Analytics und Cyberwar ihren Platz. Methodisch wird das Spektrum von Usable Safety bis Usable Security Engineering von Analyse über Design bis Evaluation abgedeckt. Das Buch eignet sich ebenso als Lehrbuch für Studierende wie als Handbuch für Wissenschaftler, Designer, Entwickler und Anwender.
@book{reuter_sicherheitskritische_2021,
address = {Wiesbaden},
edition = {2},
title = {Sicherheitskritische {Mensch}-{Computer}-{Interaktion}: {Interaktive} {Technologien} und {Soziale} {Medien} im {Krisen}- und {Sicherheitsmanagement} ({Zweite} {Auflage})},
isbn = {978-3-658-32795-8},
url = {https://www.springer.com/de/book/9783658327941},
abstract = {Die zweite, aktualisierte Auflage dieses Lehr- und Fachbuchs gibt eine fundierte und praxisbezogene Einführung sowie einen Überblick über Grundlagen, Methoden und Anwendungen der Mensch-Computer-Interaktion im Kontext von Sicherheit, Notfällen, Krisen, Katastrophen, Krieg und Frieden. Dies adressierend werden interaktive, mobile, ubiquitäre und kooperative Technologien sowie soziale Medien vorgestellt. Hierbei finden klassische Themen wie benutzbare (IT-)Sicherheit, Industrie 4.0, Katastrophenschutz, Medizin und Automobil, aber auch Augmented Reality, Crowdsourcing, Shitstorm Management, Social Media Analytics und Cyberwar ihren Platz. Methodisch wird das Spektrum von Usable Safety bis Usable Security Engineering von Analyse über Design bis Evaluation abgedeckt. Das Buch eignet sich ebenso als Lehrbuch für Studierende wie als Handbuch für Wissenschaftler, Designer, Entwickler und Anwender.},
publisher = {Springer Vieweg},
author = {Reuter, Christian},
year = {2021},
keywords = {Peace, Security, UsableSec, HCI, Projekt-CYWARN, Projekt-emergenCITY, Projekt-ATHENE-SecUrban, Selected, AuswahlCrisis, SocialMedia, Projekt-KontiKat, Infrastructure},
}
[BibTeX] [Abstract] [Download PDF]
Spillover effects describe the process of a company benefiting from the R&D activities of another one and thereby gaining an economic advantage. One prominent approach for measuring spillover effects is based on the analysis of patent citation networks. Taking social media analytics and knowledge economics into account, this paper presents a complementary approach to quantify spillover effects from defense to civilian research and development, analyzing 513 employment biographies from the social network LinkedIn. Using descriptive network analysis, we investigate the emigration of personnel of the German defense industry to other civilian producers. Thereby, our study reveals that in the last decade, employees of defense suppliers have changed positions significantly less often, with 3.24 changes on average than professionals who have worked more than 50\% of their jobs in the civilian sector, having changed 4.61 times on average. Our work illustrates the churn behavior and how spillover effects between defense and civilian sectors can be measured using social career networks such as LinkedIn.
@article{riebe_measuring_2021,
title = {Measuring {Spillover} {Effects} from {Defense} to {Civilian} {Sectors} – {A} {Quantitative} {Approach} {Using} {LinkedIn}},
volume = {32},
url = {https://peasec.de/paper/2021/2021_RiebeSchmidReuter_SpilloverEffectsDefensetoCivilianLinkedIn_PDE.pdf},
doi = {10.1080/10242694.2020.1755787},
abstract = {Spillover effects describe the process of a company benefiting from the R\&D activities of another one and thereby gaining an economic advantage. One prominent approach for measuring spillover effects is based on the analysis of patent citation networks. Taking social media analytics and knowledge economics into account, this paper presents a complementary approach to quantify spillover effects from defense to civilian research and development, analyzing 513 employment biographies from the social network LinkedIn. Using descriptive network analysis, we investigate the emigration of personnel of the German defense industry to other civilian producers. Thereby, our study reveals that in the last decade, employees of defense suppliers have changed positions significantly less often, with 3.24 changes on average than professionals who have worked more than 50\% of their jobs in the civilian sector, having changed 4.61 times on average. Our work illustrates the churn behavior and how spillover effects between defense and civilian sectors can be measured using social career networks such as LinkedIn.},
number = {7},
journal = {Defence and Peace Economics},
author = {Riebe, Thea and Schmid, Stefka and Reuter, Christian},
year = {2021},
keywords = {Peace, Projekt-ATHENE-SecUrban, A-Paper, Selected, Ranking-ImpactFactor, Cyberwar, AuswahlPeace, Projekt-DualUse},
pages = {773--785},
}
2020
[BibTeX] [Abstract] [Download PDF]
The research field of crisis informatics examines, amongst others, the potentials and barriers of social media use during conflicts and crises. Social media allow emergency services to reach the public easily in the context of crisis communication and receive valuable information (e.g. pictures) from social media data. However, the vast amount of data generated during large-scale incidents can lead to issues of information overload and quality. To mitigate these issues, this paper proposes the semi-automatic creation of alerts including keyword, relevance and information quality filters based on cross-platform social media data. We conducted empirical studies and workshops with emergency services across Europe to raise requirements, then iteratively designed and implemented an approach to support emergency services, and performed multiple evaluations, including live demonstrations and field trials, to research the potentials of social media-based alerts. Finally, we present the findings and implications based on semi-structured interviews with emergency services, highlighting the need for usable configurability and white-box algorithm representation.
@article{kaufhold_mitigating_2020,
title = {Mitigating {Information} {Overload} in {Social} {Media} during {Conflicts} and {Crises}: {Design} and {Evaluation} of a {Cross}-{Platform} {Alerting} {System}},
volume = {39},
url = {https://www.tandfonline.com/doi/full/10.1080/0144929X.2019.1620334},
doi = {10.1080/0144929X.2019.1620334},
abstract = {The research field of crisis informatics examines, amongst others, the potentials and barriers of social media use during conflicts and crises. Social media allow emergency services to reach the public easily in the context of crisis communication and receive valuable information (e.g. pictures) from social media data. However, the vast amount of data generated during large-scale incidents can lead to issues of information overload and quality. To mitigate these issues, this paper proposes the semi-automatic creation of alerts including keyword, relevance and information quality filters based on cross-platform social media data. We conducted empirical studies and workshops with emergency services across Europe to raise requirements, then iteratively designed and implemented an approach to support emergency services, and performed multiple evaluations, including live demonstrations and field trials, to research the potentials of social media-based alerts. Finally, we present the findings and implications based on semi-structured interviews with emergency services, highlighting the need for usable configurability and white-box algorithm representation.},
number = {3},
journal = {Behaviour \& Information Technology (BIT)},
author = {Kaufhold, Marc-André and Rupp, Nicola and Reuter, Christian and Habdank, Matthias},
year = {2020},
keywords = {Security, Crisis, HCI, Projekt-ATHENE-FANCY, A-Paper, AuswahlKaufhold, Selected, AuswahlCrisis, Ranking-CORE-A, Ranking-ImpactFactor, SocialMedia, Projekt-KontiKat},
pages = {319--342},
}
[BibTeX] [Abstract] [Download PDF]
Since the emergence of so-called fake news on the internet and in social media, platforms such as Facebook have started to take countermeasures, and researchers have begun looking into this phenomenon from a variety of perspectives. A large number of scientific work has investigated ways to detect fake news automatically. Less attention has been paid to the subsequent step, i.e., what to do when you are aware of the inaccuracy of claims in social media. This work takes a user-centered approach on means to counter identified mis- and disinformation in social media. We conduct a three-step study design on how approaches in social media should be presented to respect the users‘ needs and experiences and how effective they are. As our first step, in an online survey representative for some factors to the German adult population, we enquire regarding their strategies on handling information in social media, and their opinion regarding possible solutions — focusing on the approach of displaying a warning on inaccurate posts. In a second step, we present five potential approaches for countermeasures identified in related work to interviewees for qualitative input. We discuss (1) warning, (2) related articles, (3) reducing the size, (4) covering, and (5) requiring confirmation. Based on the interview feedback, as the third step of this study, we select, improve, and examine four promising approaches on how to counter misinformation. We conduct an online experiment to test their effectiveness on the perceived accuracy of false headlines and also ask for the users‘ preferences. In this study, we find that users welcome warning-based approaches to counter fake news and are somewhat critical with less transparent methods. Moreover, users want social media platforms to explain why a post was marked as disputed. The results regarding effectiveness are similar: Warning-based approaches are shown to be effective in reducing the perceived accuracy of false headlines. Moreover, adding an explanation to the warning leads to the most significant results. In contrast, we could not find a significant effect on one of Facebook’s current approaches (reduced post size and fact-checks in related articles).
@article{kirchner_countering_2020,
title = {Countering {Fake} {News}: {A} {Comparison} of {Possible} {Solutions} {Regarding} {User} {Acceptance} and {Effectiveness}},
volume = {4},
url = {https://dl.acm.org/doi/10.1145/3415211},
doi = {10.1145/3415211},
abstract = {Since the emergence of so-called fake news on the internet and in social media, platforms such as Facebook have started to take countermeasures, and researchers have begun looking into this phenomenon from a variety of perspectives. A large number of scientific work has investigated ways to detect fake news automatically. Less attention has been paid to the subsequent step, i.e., what to do when you are aware of the inaccuracy of claims in social media. This work takes a user-centered approach on means to counter identified mis- and disinformation in social media. We conduct a three-step study design on how approaches in social media should be presented to respect the users' needs and experiences and how effective they are. As our first step, in an online survey representative for some factors to the German adult population, we enquire regarding their strategies on handling information in social media, and their opinion regarding possible solutions — focusing on the approach of displaying a warning on inaccurate posts. In a second step, we present five potential approaches for countermeasures identified in related work to interviewees for qualitative input. We discuss (1) warning, (2) related articles, (3) reducing the size, (4) covering, and (5) requiring confirmation. Based on the interview feedback, as the third step of this study, we select, improve, and examine four promising approaches on how to counter misinformation. We conduct an online experiment to test their effectiveness on the perceived accuracy of false headlines and also ask for the users' preferences. In this study, we find that users welcome warning-based approaches to counter fake news and are somewhat critical with less transparent methods. Moreover, users want social media platforms to explain why a post was marked as disputed. The results regarding effectiveness are similar: Warning-based approaches are shown to be effective in reducing the perceived accuracy of false headlines. Moreover, adding an explanation to the warning leads to the most significant results. In contrast, we could not find a significant effect on one of Facebook's current approaches (reduced post size and fact-checks in related articles).},
number = {CSCW2},
journal = {Proceedings of the ACM: Human Computer Interaction (PACM): Computer-Supported Cooperative Work and Social Computing},
author = {Kirchner, Jan and Reuter, Christian},
year = {2020},
note = {Place: Austin, USA
Publisher: ACM},
keywords = {Student, Crisis, HCI, A-Paper, Selected, AuswahlCrisis, Ranking-CORE-A, Ranking-ImpactFactor, Cooperation},
pages = {140:1--140:28},
}
2019
[BibTeX] [Abstract] [Download PDF]
Technological and scientific progress, especially the rapid development in information technology (IT), plays a crucial role regarding questions of peace and security. This textbook addresses the significance, potentials and challenges of IT for peace and securi-ty. For this purpose, the book offers an introduction to peace, conflict, and security research, thereby focusing on natural-science, technical and computer science perspec-tives. In the following, it sheds light on cyber conflicts, war and peace, cyber arms con-trol, cyber attribution and infrastructures as well as culture and interaction before an outlook is given.
@book{reuter_information_2019-1,
address = {Wiesbaden, Germany},
title = {Information {Technology} for {Peace} and {Security} - {IT} {Applications} and {Infrastructures} in {Conflicts}, {Crises}, {War}, and {Peace}},
isbn = {978-3-658-25652-4},
url = {https://www.springer.com/de/book/9783658256517},
abstract = {Technological and scientific progress, especially the rapid development in information technology (IT), plays a crucial role regarding questions of peace and security. This textbook addresses the significance, potentials and challenges of IT for peace and securi-ty. For this purpose, the book offers an introduction to peace, conflict, and security research, thereby focusing on natural-science, technical and computer science perspec-tives. In the following, it sheds light on cyber conflicts, war and peace, cyber arms con-trol, cyber attribution and infrastructures as well as culture and interaction before an outlook is given.},
publisher = {Springer Vieweg},
author = {Reuter, Christian},
year = {2019},
doi = {10.1007/978-3-658-25652-4},
keywords = {Peace, RSF, Security, Crisis, Projekt-CROSSING, Selected, Cyberwar, AuswahlPeace, Projekt-DualUse, Projekt-CRISP, Infrastructure, Projekt-MAKI},
}
[BibTeX] [Abstract] [Download PDF]
Usage of social media during emergencies and respective perceptions vary across countries. Our representative survey of 7,071 citizens in Europe (Germany, Italy, the Netherlands and the United Kingdom) shows differences of current use of social media in emergencies, expectations towards authorities monitoring social media, intensity of perceiving barriers regarding the use as well as variances concerning the (likelihood of future) use of mobile apps. While German and British participants‘ frequency of use of social media is medium and low, respectively, Italian and Dutch respondents use them relatively frequently. Our comparison of the four countries allows for an interpretation of divergent behavior across countries with respect to risk cultures as well as expanding the respective model to social media contexts. At the same time, our findings stress that across the four European countries participants assessed similar advantages like dissemination of information and barriers like false rumors with respect to use social media during emergencies. Distributed equally across nations, age and gender showed significant relationships with social media usage which, among other findings, suggests being helpful for effective implementation of management structures using new technologies.
@article{reuter_impact_2019,
title = {The {Impact} of {Risk} {Cultures}: {Citizens}' {Perception} of {Social} {Media} {Use} in {Emergencies} across {Europe}},
volume = {148},
url = {http://www.peasec.de/paper/2019/2019_ReuterKaufholdSchmidSpielhoferHahne_TheImpactofRiskCultures_TFSC.pdf},
doi = {10.1016/j.techfore.2019.119724},
abstract = {Usage of social media during emergencies and respective perceptions vary across countries. Our representative survey of 7,071 citizens in Europe (Germany, Italy, the Netherlands and the United Kingdom) shows differences of current use of social media in emergencies, expectations towards authorities monitoring social media, intensity of perceiving barriers regarding the use as well as variances concerning the (likelihood of future) use of mobile apps. While German and British participants' frequency of use of social media is medium and low, respectively, Italian and Dutch respondents use them relatively frequently. Our comparison of the four countries allows for an interpretation of divergent behavior across countries with respect to risk cultures as well as expanding the respective model to social media contexts. At the same time, our findings stress that across the four European countries participants assessed similar advantages like dissemination of information and barriers like false rumors with respect to use social media during emergencies. Distributed equally across nations, age and gender showed significant relationships with social media usage which, among other findings, suggests being helpful for effective implementation of management structures using new technologies.},
number = {119724},
journal = {Technological Forecasting and Social Change (TFSC)},
author = {Reuter, Christian and Kaufhold, Marc-André and Schmid, Stefka and Spielhofer, Thomas and Hahne, Anna Sophie},
year = {2019},
keywords = {Crisis, HCI, A-Paper, Selected, AuswahlCrisis, Ranking-ImpactFactor, SocialMedia, Projekt-EmerGent, Ranking-VHB-B},
pages = {1--17},
}
2018
[BibTeX] [Abstract] [Download PDF]
Since the terrorist attacks of 9/11, the use of social media in emergency and crisis events has greatly increased and many studies have concentrated on the use of ICT and social media be-fore, during or after these events. The field of research that these studies fall under is called cri-sis informatics. In this paper, we evaluate and analyze crisis informatics research by looking at case studies of social media use in emergencies, outlining the types of research found in crisis informatics, and expounding upon the forms of interaction that have been researched. Finally, we summarize the achievements from an HCI perspective and outline trends and challenges for future research.
@article{reuter_social_2018,
title = {Social {Media} in {Crisis} {Management}: {An} {Evaluation} and {Analysis} of {Crisis} {Informatics} {Research}},
volume = {34},
url = {http://www.peasec.de/paper/2018/2018_ReuterHughesKaufhold_SocialMediaCrisisManagementEvaluation_IJHCI.pdf},
doi = {10.1080/10447318.2018.1427832},
abstract = {Since the terrorist attacks of 9/11, the use of social media in emergency and crisis events has greatly increased and many studies have concentrated on the use of ICT and social media be-fore, during or after these events. The field of research that these studies fall under is called cri-sis informatics. In this paper, we evaluate and analyze crisis informatics research by looking at case studies of social media use in emergencies, outlining the types of research found in crisis informatics, and expounding upon the forms of interaction that have been researched. Finally, we summarize the achievements from an HCI perspective and outline trends and challenges for future research.},
number = {4},
journal = {International Journal on Human-Computer Interaction (IJHCI)},
author = {Reuter, Christian and Hughes, Amanda Lee and Kaufhold, Marc-André},
year = {2018},
keywords = {Peace, Crisis, HCI, A-Paper, Selected, AuswahlCrisis, Ranking-ImpactFactor, SocialMedia, Projekt-KontiKat, Ranking-CORE-B, Ranking-WKWI-B},
pages = {280--294},
}
[BibTeX] [Abstract] [Download PDF]
Social media has been established in many larger emergencies and crises. This process has not started just a few years ago, but already 15 years ago in 2001 after the terrorist attacks of 9/11. In the following years, especially in the last 10, sometimes summarized under the term crisis informatics, a variety of studies focusing on the use of ICT and social media before, during or after nearly every crisis and emergency has arisen. This article aims to recapitulate 15 years of social media in emergencies and its research with a special emphasis on use patterns, role patterns and perception patterns that can be found across different cases in order to point out what has been achieved so far, and what future potentials exist.
@article{reuter_fifteen_2018,
title = {Fifteen {Years} of {Social} {Media} in {Emergencies}: {A} {Retrospective} {Review} and {Future} {Directions} for {Crisis} {Informatics}},
volume = {26},
url = {http://www.peasec.de/paper/2018/2018_ReuterKaufhold_FifteenYearsSocialMediaEmergencies_JCCM.pdf},
doi = {10.1111/1468-5973.12196},
abstract = {Social media has been established in many larger emergencies and crises. This process has not started just a few years ago, but already 15 years ago in 2001 after the terrorist attacks of 9/11. In the following years, especially in the last 10, sometimes summarized under the term crisis informatics, a variety of studies focusing on the use of ICT and social media before, during or after nearly every crisis and emergency has arisen. This article aims to recapitulate 15 years of social media in emergencies and its research with a special emphasis on use patterns, role patterns and perception patterns that can be found across different cases in order to point out what has been achieved so far, and what future potentials exist.},
number = {1},
journal = {Journal of Contingencies and Crisis Management (JCCM)},
author = {Reuter, Christian and Kaufhold, Marc-André},
year = {2018},
keywords = {Peace, Crisis, HCI, A-Paper, AuswahlKaufhold, Selected, AuswahlCrisis, Ranking-ImpactFactor, SocialMedia, Projekt-EmerGent, Projekt-KOKOS},
pages = {41--57},
}
2016
[BibTeX] [Abstract] [Download PDF]
Various studies show that social media is used in emergencies – and that in spite of possible challenges for emergency services, beneficial use cases can be identified. However, relatively little empirical data is available regarding the attitudes of emergency services towards social media, and almost none of a comparative nature. This article summarizes the findings of a survey conducted of the EU project ‘EmerGent‘ with 761 emergency service staff across 32 European countries from September to December 2014. The main aims of the survey were to explore the attitudes expressed by emergency service staff towards social media for private and organizational use as well as the levels and main factors influencing the current and likely future use of social media in their organizations. Based on our results, we discuss possible enhancements of the emergency management cycle using social media.
@article{reuter_emergency_2016,
title = {Emergency {Services} {Attitudes} towards {Social} {Media}: {A} {Quantitative} and {Qualitative} {Survey} across {Europe}},
volume = {95},
url = {https://peasec.de/paper/2016/2016_ReuterLudwigKaufholdSpielhofer_EmergencyServicesAttiudesSurveySocialMedia_IJHCS.pdf},
doi = {10.1016/j.ijhcs.2016.03.005},
abstract = {Various studies show that social media is used in emergencies – and that in spite of possible challenges for emergency services, beneficial use cases can be identified. However, relatively little empirical data is available regarding the attitudes of emergency services towards social media, and almost none of a comparative nature. This article summarizes the findings of a survey conducted of the EU project ‘EmerGent' with 761 emergency service staff across 32 European countries from September to December 2014. The main aims of the survey were to explore the attitudes expressed by emergency service staff towards social media for private and organizational use as well as the levels and main factors influencing the current and likely future use of social media in their organizations. Based on our results, we discuss possible enhancements of the emergency management cycle using social media.},
journal = {International Journal on Human-Computer Studies (IJHCS)},
author = {Reuter, Christian and Ludwig, Thomas and Kaufhold, Marc-André and Spielhofer, Thomas},
year = {2016},
keywords = {Crisis, HCI, A-Paper, AuswahlKaufhold, Selected, AuswahlCrisis, Ranking-CORE-A, Ranking-ImpactFactor, SocialMedia, Projekt-EmerGent, Ranking-WKWI-B},
pages = {96--111},
}
2015
[BibTeX] [Abstract] [Download PDF]
Recent disasters have shown an increase in the significance of social media for both affected citizens and volunteers alike in the coordination of information and organization of relief activities, often independently of and in addition to the official emergency response. Existing research mainly focuses on the way in which individual platforms are used by volunteers in response to disasters. This paper examines the use of social media during the European Floods of 2013 and proposes a novel cross-social-media application for volunteers. Besides comprehensive analysis of volunteer communities, interviews were conducted with „digital volunteers“ such as Facebook moderators of disaster-related groups. Based on the challenges identified, we designed and implemented the cross-social-media application „XHELP“, which allows information to be both, acquired and distributed cross-media and cross-channel. The evaluation with 20 users leads to further design requirements for applications aiming to support volunteer moderators during disasters.
@inproceedings{reuter_xhelp_2015,
address = {Seoul, Korea},
title = {{XHELP}: {Design} of a {Cross}-{Platform} {Social}-{Media} {Application} to {Support} {Volunteer} {Moderators} in {Disasters}},
url = {http://www.peasec.de/paper/2015/2015_ReuterLudwigKaufholdPipek_XHELP_CHI.pdf},
doi = {10.1145/2702123.2702171},
abstract = {Recent disasters have shown an increase in the significance of social media for both affected citizens and volunteers alike in the coordination of information and organization of relief activities, often independently of and in addition to the official emergency response. Existing research mainly focuses on the way in which individual platforms are used by volunteers in response to disasters. This paper examines the use of social media during the European Floods of 2013 and proposes a novel cross-social-media application for volunteers. Besides comprehensive analysis of volunteer communities, interviews were conducted with "digital volunteers" such as Facebook moderators of disaster-related groups. Based on the challenges identified, we designed and implemented the cross-social-media application "XHELP", which allows information to be both, acquired and distributed cross-media and cross-channel. The evaluation with 20 users leads to further design requirements for applications aiming to support volunteer moderators during disasters.},
booktitle = {Proceedings of the {Conference} on {Human} {Factors} in {Computing} {Systems} ({CHI})},
publisher = {ACM Press},
author = {Reuter, Christian and Ludwig, Thomas and Kaufhold, Marc-André and Pipek, Volkmar},
year = {2015},
keywords = {Crisis, HCI, A-Paper, AuswahlKaufhold, Ranking-CORE-A*, Selected, AuswahlCrisis, SocialMedia, Cooperation, Projekt-EmerGent, Ranking-WKWI-A},
pages = {4093--4102},
}
2014
[BibTeX] [Abstract] [Download PDF]
Using the domain of crisis management, Christian Reuter explores challenges and opportunities for technology design in emergent environments. He therefore empirically analyzes collaborative work in inter-organizational crisis – such as the police, fire departments, energy network operators and citizens – in order to identify collaboration practices that reveal work infrastructure limitations. He also designs, implements and evaluates novel concepts and ICT artifacts towards the support of emergent collaboration. Besides the discovery of potential organizational effects on the ability to deal with emergence he presents methodological implications for technology design.
@book{reuter_emergent_2014-1,
address = {University of Siegen, Institute for Information Systems, Germany},
title = {Emergent {Collaboration} {Infrastructures}: {Technology} {Design} for {Inter}-{Organizational} {Crisis} {Management} ({Ph}.{D}. {Thesis})},
isbn = {978-3-658-08585-8},
url = {http://www.springer.com/springer+gabler/bwl/wirtschaftsinformatik/book/978-3-658-08585-8},
abstract = {Using the domain of crisis management, Christian Reuter explores challenges and opportunities for technology design in emergent environments. He therefore empirically analyzes collaborative work in inter-organizational crisis – such as the police, fire departments, energy network operators and citizens – in order to identify collaboration practices that reveal work infrastructure limitations. He also designs, implements and evaluates novel concepts and ICT artifacts towards the support of emergent collaboration. Besides the discovery of potential organizational effects on the ability to deal with emergence he presents methodological implications for technology design.},
publisher = {Springer Gabler},
author = {Reuter, Christian},
year = {2014},
doi = {10.1007/978-3-658-08586-5},
note = {Backup Publisher: University of Siegen},
keywords = {UsableSec, HCI, AuswahlUsableSec, Selected, SocialMedia, Infrastructure, Projekt-EmerGent, Projekt-InfoStrom, DissPublisher},
}
[BibTeX] [Abstract] [Download PDF]
Emergencies are characterized by high complexity and unpredictability. In order to assess and manage them successfully, improvisation work and informal communication, even beyond local and organizational boundaries, is needed. Such informal practices can facilitate ad hoc participation of units in situation assessment, but this may lack overall situation awareness. This paper presents a study on how emergent ‘collaboration needs‘ in current work of response teams, who are located on-site and in the control center, could be supported by mobile geo-collaboration systems. First, we present the results of an empirical study about informal work and mobile collaboration practices of emergency services. Then we describe the concept of a mobile geo-collaboration system that addresses the aspects detected in the empirical study and that was implemented as an Android application using web sockets, a technology enabling full-duplex ad hoc communication. Finally we outline the findings of its evaluation in practice and its implications.
@article{reuter_ad_2014,
title = {Ad {Hoc} {Participation} in {Situation} {Assessment}: {Supporting} {Mobile} {Collaboration} in {Emergencies}},
volume = {21},
url = {http://www.wineme.uni-siegen.de/paper/2014/2014_reuterludwigpipek_adhocparticipation_tochi.pdf},
doi = {10.1145/2651365},
abstract = {Emergencies are characterized by high complexity and unpredictability. In order to assess and manage them successfully, improvisation work and informal communication, even beyond local and organizational boundaries, is needed. Such informal practices can facilitate ad hoc participation of units in situation assessment, but this may lack overall situation awareness. This paper presents a study on how emergent ‘collaboration needs' in current work of response teams, who are located on-site and in the control center, could be supported by mobile geo-collaboration systems. First, we present the results of an empirical study about informal work and mobile collaboration practices of emergency services. Then we describe the concept of a mobile geo-collaboration system that addresses the aspects detected in the empirical study and that was implemented as an Android application using web sockets, a technology enabling full-duplex ad hoc communication. Finally we outline the findings of its evaluation in practice and its implications.},
number = {5},
journal = {ACM Transactions on Computer-Human Interaction (TOCHI)},
author = {Reuter, Christian and Ludwig, Thomas and Pipek, Volkmar},
month = nov,
year = {2014},
note = {Publisher: ACM},
keywords = {UsableSec, Crisis, HCI, A-Paper, AuswahlUsableSec, Ranking-CORE-A*, Selected, Ranking-ImpactFactor, Cooperation, Ranking-VHB-B, Ranking-WKWI-A, Projekt-InfoStrom},
pages = {1--26},
}
2013
[BibTeX] [Abstract] [Download PDF]
Recent studies have called attention to the improvement of “collaborative resilience” by fostering the collaboration potentials of public and private stakeholders during disasters. With our research we consider real and virtual volunteers in order to detect conditions for cooperation among those citizen groups through social media. Therefore we analysed the usage of Twitter during a tornado crisis to look for role patterns and aspects that helped volunteer groups in the virtual to emerge, and matched the data with an interview study on experiences, attitudes, concerns and potentials professional emergency services recounted in the emergence of volunteer groups in the real. While virtual groups seem to easily form and collaborate, the engagement of real volunteers is decreasing according to the perception of professionals. We discuss the dynamics in both tendencies and suggest design implications (use of existing social networks, promotion and awareness, connection among volunteers, connection to emergency services and systems) to support both types of volunteer groups, which lead to a software prototype.
@inproceedings{reuter_combining_2013,
address = {Baden-Baden, Germany},
title = {Combining {Real} and {Virtual} {Volunteers} through {Social} {Media}},
url = {http://www.peasec.de/paper/2013/2013_ReuterHegerPipek_RealVirtualVolunteersSocialMedia_ISCRAM.pdf},
abstract = {Recent studies have called attention to the improvement of “collaborative resilience” by fostering the collaboration potentials of public and private stakeholders during disasters. With our research we consider real and virtual volunteers in order to detect conditions for cooperation among those citizen groups through social media. Therefore we analysed the usage of Twitter during a tornado crisis to look for role patterns and aspects that helped volunteer groups in the virtual to emerge, and matched the data with an interview study on experiences, attitudes, concerns and potentials professional emergency services recounted in the emergence of volunteer groups in the real. While virtual groups seem to easily form and collaborate, the engagement of real volunteers is decreasing according to the perception of professionals. We discuss the dynamics in both tendencies and suggest design implications (use of existing social networks, promotion and awareness, connection among volunteers, connection to emergency services and systems) to support both types of volunteer groups, which lead to a software prototype.},
booktitle = {Proceedings of the {Information} {Systems} for {Crisis} {Response} and {Management} ({ISCRAM})},
publisher = {ISCRAM},
author = {Reuter, Christian and Heger, Oliver and Pipek, Volkmar},
editor = {Comes, T. and Fiedrich, F. and Fortier, S. and Geldermann, J. and Müller, Tim},
year = {2013},
keywords = {Student, Crisis, HCI, Selected, AuswahlCrisis, SocialMedia, Cooperation, Projekt-InfoStrom},
pages = {780--790},
}
2012
[BibTeX] [Abstract] [Download PDF]
The contribution of this paper is to propose a systematization of social software use in crisis situations pointing out different types of cooperation and its challenges. We will discuss how the organizational actors involved in crisis management (police, fire-fighters, organizations etc.) and the affected citizens are communicating and can communicate and collaborate through the use of social software. After defining the term ‘social software‘ we will outline the state-of-the-art about its use in crisis management. Drawing from this, we will present two case studies where we have examined the use of social software in 2010: first during the disruption of air travel caused by the eruptions of the volcano Eyjafjallajökull in Iceland and second during the mass panic at the Love Parade music festival in Germany. Based on both previous work and case studies we will discuss potentials and weaknesses and propose a classification matrix for different types of cooperation as a step towards a systematization of social software use in crisis situations.
@article{reuter_crisis_2012,
title = {Crisis {Management} 2.0: {Towards} a {Systematization} of {Social} {Software} {Use} in {Crisis} {Situations}},
volume = {4},
url = {http://www.peasec.de/paper/2012/2012_ReuterMarxPipek_CrisisManagement20-SystematizationSocialSoftware_IJISCRAM.pdf},
doi = {10.4018/jiscrm.2012010101},
abstract = {The contribution of this paper is to propose a systematization of social software use in crisis situations pointing out different types of cooperation and its challenges. We will discuss how the organizational actors involved in crisis management (police, fire-fighters, organizations etc.) and the affected citizens are communicating and can communicate and collaborate through the use of social software. After defining the term ‘social software' we will outline the state-of-the-art about its use in crisis management. Drawing from this, we will present two case studies where we have examined the use of social software in 2010: first during the disruption of air travel caused by the eruptions of the volcano Eyjafjallajökull in Iceland and second during the mass panic at the Love Parade music festival in Germany. Based on both previous work and case studies we will discuss potentials and weaknesses and propose a classification matrix for different types of cooperation as a step towards a systematization of social software use in crisis situations.},
number = {1},
journal = {International Journal of Information Systems for Crisis Response and Management (IJISCRAM)},
author = {Reuter, Christian and Marx, Alexandra and Pipek, Volkmar},
year = {2012},
keywords = {Student, Crisis, HCI, Selected, AuswahlCrisis, SocialMedia, Cooperation, Projekt-InfoStrom, Projekt-RSBE},
pages = {1--16},
}
Just A-Paper (~80)
(CORE≥A v VHB≥A v High-Impact-Factor)
2025
[BibTeX] [Abstract]
The ongoing challenge of misinformation on social media motivates ongoing efforts to find effective countermeasures. In this study, we evaluated the potential of personalised nudging to reduce the sharing of misinformation on social media, as personalised support has been successfully applied in other areas of critical information handling. In an online experiment (N = 396) exposing users to social media posts, we assessed the degree of misinformation sharing between groups receiving (1) no nudges, (2) non-personalised nudges, and (3) personalised nudges. Personalisation was based on three psychometric dimensions – general decision-making style, consideration of future consequences, need for cognition – to assign the most appropriate nudge from a pool of five nudges. The results showed significant differences (p {\textless} .05) between all three groups, with the personalised nudge group sharing the least misinformation. Detailed analyses at the nudge level revealed that one nudge was universally effective and two nudges were effective only in their personalised form. The results generally confirm the potential of personalisation, although the effect is limited in scope. These findings shed light on the nuanced results of nudging studies, highlight the benefits of personalisation, and raise ethical considerations regarding the privacy implications of personalisation and those inherent in nudges.
@article{biselli_mitigating_2025,
title = {Mitigating {Misinformation} {Sharing} on {Social} {Media} through {Personalised} {Nudging}},
abstract = {The ongoing challenge of misinformation on social media motivates ongoing efforts to find effective countermeasures.
In this study, we evaluated the potential of personalised nudging to reduce the sharing of misinformation on social media, as personalised support has been successfully applied in other areas of critical information handling.
In an online experiment (N = 396) exposing users to social media posts, we assessed the degree of misinformation sharing between groups receiving (1) no nudges, (2) non-personalised nudges, and (3) personalised nudges. Personalisation was based on three psychometric dimensions - general decision-making style, consideration of future consequences, need for cognition - to assign the most appropriate nudge from a pool of five nudges.
The results showed significant differences (p {\textless} .05) between all three groups, with the personalised nudge group sharing the least misinformation. Detailed analyses at the nudge level revealed that one nudge was universally effective and two nudges were effective only in their personalised form.
The results generally confirm the potential of personalisation, although the effect is limited in scope.
These findings shed light on the nuanced results of nudging studies, highlight the benefits of personalisation, and raise ethical considerations regarding the privacy implications of personalisation and those inherent in nudges.},
journal = {Proceedings of the ACM: Human Computer Interaction (PACM): Computer-Supported Cooperative Work and Social Computing},
author = {Biselli, Tom and Hartwig, Katrin and Reuter, Christian},
year = {2025},
keywords = {A-Paper, Projekt-ATHENE-PriVis, Projekt-NEBULA, Ranking-CORE-A},
}
[BibTeX] [Abstract]
In Germany and other countries, specialized non-profit reporting centers combat online hate speech by submitting criminal content to law enforcement agencies, forwarding deletion requests to social media platforms, and providing counseling to victims, thus contributing to the governance mechanism of content moderation as intermediaries between victims and various organizations. Whereas research in computer-supported cooperative work has extensively explored collaboration of and automation for content moderators, there are no works that focus on reporting centers. Based on expert interviews with their staff (N=15), this study finds that most German centers share a collaborative workflow, of which multiple tasks are heavily dependent on inter-organizational exchange. However, there are differences in their implementation of monitoring, content assessment, automation technology adoption, and external collaborators. As the centers are faced with diverse challenges, such as borderline case assessment, psychological burdens, limited visibility, conflicting goals with other actors, and manual repetitive work, our study contributes with nine implications for designing and researching supportive technologies. They provide suggestions for improving hate speech gathering and reporting, researching hate speech prioritization and assessment algorithms, and designing case processing systems. Beyond that, we outline directions for research on inter-organizational collaboration.
@article{baumler_harnessing_2025,
title = {Harnessing {Inter}-{Organizational} {Collaboration} and {Automation} to {Combat} {Online} {Hate} {Speech}: {A} {Qualitative} {Study} with {German} {Reporting} {Centers}},
abstract = {In Germany and other countries, specialized non-profit reporting centers combat online hate speech by submitting criminal content to law enforcement agencies, forwarding deletion requests to social media platforms, and providing counseling to victims, thus contributing to the governance mechanism of content moderation as intermediaries between victims and various organizations. Whereas research in computer-supported cooperative work has extensively explored collaboration of and automation for content moderators, there are no works that focus on reporting centers. Based on expert interviews with their staff (N=15), this study finds that most German centers share a collaborative workflow, of which multiple tasks are heavily dependent on inter-organizational exchange. However, there are differences in their implementation of monitoring, content assessment, automation technology adoption, and external collaborators. As the centers are faced with diverse challenges, such as borderline case assessment, psychological burdens, limited visibility, conflicting goals with other actors, and manual repetitive work, our study contributes with nine implications for designing and researching supportive technologies. They provide suggestions for improving hate speech gathering and reporting, researching hate speech prioritization and assessment algorithms, and designing case processing systems. Beyond that, we outline directions for research on inter-organizational collaboration.},
journal = {Proceedings of the ACM: Human Computer Interaction (PACM): Computer-Supported Cooperative Work and Social Computing},
author = {Bäumler, Julian and Riebe, Thea and Kaufhold, Marc-André and Reuter, Christian},
year = {2025},
keywords = {Crisis, HCI, Projekt-CYWARN, Projekt-CYLENCE, A-Paper, AuswahlCrisis, Ranking-CORE-A},
}
[BibTeX]
@book{reuter_special_2025,
title = {Special {Issue} on {Combating} {Information} {Warfare}: {User}-{Centered} {Countermeasures} against {Fake} {News} and {Misinformation} - {Behaviour} \& {Information} {Technology} ({BIT})},
publisher = {Taylor \& Francis},
author = {Reuter, Christian and Hughes, Amanda Lee and Buntain, Cody},
year = {2025},
note = {Publication Title: Behaviour \& Information Technology (BIT)},
keywords = {Peace, Crisis, HCI, A-Paper, Ranking-CORE-A, Ranking-ImpactFactor, SocialMedia},
}
[BibTeX]
@article{reuter_combating_2025,
title = {Combating {Information} {Warfare}: {State} and {Trends} in {User}-{Centered} {Countermeasures} against {Fake} {News} and {Misinformation}},
journal = {Behaviour \& Information Technology (BIT)},
author = {Reuter, Christian and Hughes, Amanda Lee and Buntain, Cody},
year = {2025},
keywords = {Peace, Crisis, HCI, A-Paper, Ranking-CORE-A, Ranking-ImpactFactor, SocialMedia},
}
[BibTeX] [Abstract]
In conflict-ridden environments, timely and accurate information is critical for those dealing with the dynamic of events. When individuals have to flee, it becomes evident that refugees frequently rely on information and communication technologies (ICT) for information acquisition, travel coordination, and maintaining connections with related parties. Based on 17 interviews, this research explores how Ukrainian refugees, who sought protection in Germany due to the 2022 Russian full-scale invasion, use ICT before, during, and after their flight. By providing empirical findings, the results show in depth how contextual factors, such as infrastructural instability, privacy concerns and an advanced digitalization, interrelate with user behaviors. Analyzing the multifaceted civilian ICT use in the context of war and flight, this exploratory research contributes to the existing research on HCI in migration contexts and connects to several topics of CSCW. By contrasting case specifics, this work highlights what makes Ukraine a special case in this research area. Furthermore, this paper examines both existing and emerging affordances of ICT in the context of flight, and identifies the crucial role of messenger groups for information gathering in all phases of the flight. Lastly, collaborative dimensions of the identified affordances are discussed.
@article{steinbrink_smartphone_2025,
title = {Smartphone and {ICT} {Use} {Among} {Ukrainian} {Refugees}: {Technology} {Support} during {War}, {Flight}, and {Adaptation} in {Germany}},
abstract = {In conflict-ridden environments, timely and accurate information is critical for those dealing with the dynamic of events. When individuals have to flee, it becomes evident that refugees frequently rely on information and communication technologies (ICT) for information acquisition, travel coordination, and maintaining connections with related parties. Based on 17 interviews, this research explores how Ukrainian refugees, who sought protection in Germany due to the 2022 Russian full-scale invasion, use ICT before, during, and after their flight. By providing empirical findings, the results show in depth how contextual factors, such as infrastructural instability, privacy concerns and an advanced digitalization, interrelate with user behaviors. Analyzing the multifaceted civilian ICT use in the context of war and flight, this exploratory research contributes to the existing research on HCI in migration contexts and connects to several topics of CSCW. By contrasting case specifics, this work highlights what makes Ukraine a special case in this research area. Furthermore, this paper examines both existing and emerging affordances of ICT in the context of flight, and identifies the crucial role of messenger groups for information gathering in all phases of the flight. Lastly, collaborative dimensions of the identified affordances are discussed.},
number = {CSCW},
journal = {Proceedings of the ACM: Human Computer Interaction (PACM): Computer-Supported Cooperative Work and Social Computing},
author = {Steinbrink, Enno and Guntrum, Laura Gianna and Reuter, Christian},
year = {2025},
note = {Place: New York, NY, USA
Publisher: Association for Computing Machinery},
keywords = {Projekt-TraCe, UsableSec, Crisis, A-Paper, Projekt-ATHENE, Ranking-CORE-A, Projekt-GRKPrivacy},
}
2024
[BibTeX] [Abstract] [Download PDF]
The field of cybersecurity is evolving fast. Security professionals are in need of intelligence on past, current and – ideally – on upcoming threats, because attacks are becoming more advanced and are increasingly targeting larger and more complex systems. Since the processing and analysis of such large amounts of information cannot be addressed manually, cybersecurity experts rely on machine learning techniques. In the textual domain, pre-trained language models like BERT have proven to be helpful as they provide a good baseline for further fine-tuning. However, due to the domain-knowledge and the many technical terms in cybersecurity, general language models might miss the gist of textual information. For this reason, we create a high-quality dataset and present a language model specifically tailored to the cybersecurity domain which can serve as a basic building block for cybersecurity systems. The model is compared on 15 tasks: Domain-dependent extrinsic tasks for measuring the performance on specific problems, intrinsic tasks for measuring the performance of the internal representations of the model as well as general tasks from the SuperGLUE benchmark. The results of the intrinsic tasks show that our model improves the internal representation space of domain words compared to the other models. The extrinsic, domain-dependent tasks, consisting of sequence tagging and classification, show that the model performs best in cybersecurity scenarios. In addition, we pay special attention to the choice of hyperparameters against catastrophic forgetting, as pre-trained models tend to forget the original knowledge during further training.
@article{bayer_cysecbert_2024,
title = {{CySecBERT}: {A} {Domain}-{Adapted} {Language} {Model} for the {Cybersecurity} {Domain}},
volume = {27},
issn = {2471-2566},
url = {https://peasec.de/paper/2024/2024_BayerKuehnShanesazReuter_CySecBERT_TOPS.pdf},
doi = {10.1145/3652594},
abstract = {The field of cybersecurity is evolving fast. Security professionals are in need of intelligence on past, current and - ideally - on upcoming threats, because attacks are becoming more advanced and are increasingly targeting larger and more complex systems. Since the processing and analysis of such large amounts of information cannot be addressed manually, cybersecurity experts rely on machine learning techniques. In the textual domain, pre-trained language models like BERT have proven to be helpful as they provide a good baseline for further fine-tuning. However, due to the domain-knowledge and the many technical terms in cybersecurity, general language models might miss the gist of textual information. For this reason, we create a high-quality dataset and present a language model specifically tailored to the cybersecurity domain which can serve as a basic building block for cybersecurity systems. The model is compared on 15 tasks: Domain-dependent extrinsic tasks for measuring the performance on specific problems, intrinsic tasks for measuring the performance of the internal representations of the model as well as general tasks from the SuperGLUE benchmark. The results of the intrinsic tasks show that our model improves the internal representation space of domain words compared to the other models. The extrinsic, domain-dependent tasks, consisting of sequence tagging and classification, show that the model performs best in cybersecurity scenarios. In addition, we pay special attention to the choice of hyperparameters against catastrophic forgetting, as pre-trained models tend to forget the original knowledge during further training.},
number = {2},
journal = {ACM Transactions on Privacy and Security (TOPS)},
author = {Bayer, Markus and Kuehn, Philipp and Shanehsaz, Ramin and Reuter, Christian},
month = apr,
year = {2024},
note = {Place: New York, NY, USA
Publisher: Association for Computing Machinery},
keywords = {Student, Security, UsableSec, Projekt-CYWARN, Projekt-ATHENE-CyAware, Projekt-CYLENCE, A-Paper, Ranking-CORE-A, Ranking-ImpactFactor},
}
[BibTeX] [Abstract] [Download PDF]
Browser cookies, especially those from third parties, pose a threat to individual privacy. While it is possible in principle to control the number of cookies accepted, this choice is often neither usable nor truly informed. To address this issue, this study used semi-structured interviews (N=19) to identify attitudes and user requirements to develop an alternative personalised cookie banner, which was evaluated in an online experiment (N=157). The cookie banner explanations were tailored to the privacy knowledge of three groups of users: low, medium and high. The online experiment measured cookie choices and perceived usability of the cookie banner across three groups: an experimental group that viewed the novel cookie banner with personalisation (personalised privacy assistant), a control group that viewed the novel cookie banner without personalisation (privacy assistant) and a control group that viewed the standard cookie banner provided by the website. The results indicate that the novel cookie banner (with or without personalisation) generally resulted in significantly fewer accepted cookies and increased usability compared to the standard cookie window. In addition, the personalised cookie banner resulted in significantly fewer accepted cookies and higher usability than the non-personalised cookie banner. These results suggest that tailoring cookie banners to users‘ privacy knowledge can be an effective approach to empowering users to make informed choices and better protect their privacy.
@article{biselli_supporting_2024,
title = {Supporting {Informed} {Choices} about {Browser} {Cookies}: {The} {Impact} of {Personalised} {Cookie} {Banners}},
url = {https://petsymposium.org/popets/2024/popets-2024-0011.pdf},
doi = {https://doi.org/10.56553/popets-2024-0011},
abstract = {Browser cookies, especially those from third parties, pose a threat to individual privacy. While it is possible in principle to control the number of cookies accepted, this choice is often neither usable nor truly informed. To address this issue, this study used semi-structured interviews (N=19) to identify attitudes and user requirements to develop an alternative personalised cookie banner, which was evaluated in an online experiment (N=157). The cookie banner explanations were tailored to the privacy knowledge of three groups of users: low, medium and high. The online experiment measured cookie choices and perceived usability of the cookie banner across three groups: an experimental group that viewed the novel cookie banner with personalisation (personalised privacy assistant), a control group that viewed the novel cookie banner without personalisation (privacy assistant) and a control group that viewed the standard cookie banner provided by the website. The results indicate that the novel cookie banner (with or without personalisation) generally resulted in significantly fewer accepted cookies and increased usability compared to the standard cookie window. In addition, the personalised cookie banner resulted in significantly fewer accepted cookies and higher usability than the non-personalised cookie banner. These results suggest that tailoring cookie banners to users' privacy knowledge can be an effective approach to empowering users to make informed choices and better protect their privacy.},
number = {1},
journal = {Proceedings on Privacy Enhancing Technologies (PoPETs)},
author = {Biselli, Tom and Utz, Laura and Reuter, Christian},
year = {2024},
keywords = {Student, Security, UsableSec, HCI, Projekt-CROSSING, A-Paper, AuswahlUsableSec, Selected, Ranking-CORE-A},
pages = {171--191},
}
[BibTeX] [Abstract] [Download PDF]
In many applications and websites people use in their everyday life, their privacy and data is threatened, e.g., by script tracking during browsing. Although researchers and companies have developed privacy-enhancing technologies (PETs), they are often difficult to use for lay users. In this paper, we conducted a literature review to classify users into different support personas based on their privacy competence and privacy concern. With developers of PETs in mind, support personas were envisioned to facilitate the customization of software according to the support needs of different users. In order to demonstrate the usefulness of support personas and based on workshop sessions with 15 participants, we designed a browser extension which supports users with the issue of script tracking by providing different user interfaces for different support personas. The following qualitative evaluation with 31 participants showed that the developed UI elements worked as intended for the different support personas. Therefore, we conclude the concept of support personas is useful in the development process of usable applications that enhance the privacy of the users while also educating them and thus potentially increasing their privacy literacy.
@article{demuth_support_2024,
title = {Support {Personas}: {A} {Concept} for {Tailored} {Support} of {Users} of {Privacy}-{Enhancing} {Technologies}},
issn = {2299-0984},
url = {https://petsymposium.org/popets/2024/popets-2024-0142.pdf},
doi = {https://doi.org/10.56553/popets-2024-0142},
abstract = {In many applications and websites people use in their everyday life, their privacy and data is threatened, e.g., by script tracking during browsing. Although researchers and companies have developed privacy-enhancing technologies (PETs), they are often difficult to use for lay users. In this paper, we conducted a literature review to classify users into different support personas based on their privacy competence and privacy concern. With developers of PETs in mind, support personas were envisioned to facilitate the customization of software according to the support needs of different users. In order to demonstrate the usefulness of support personas and based on workshop sessions with 15 participants, we designed a browser extension which supports users with the issue of script tracking by providing different user interfaces for different support personas. The following qualitative evaluation with 31 participants showed that the developed UI elements worked as intended for the different support personas. Therefore, we conclude the concept of support personas is useful in the development process of usable applications that enhance the privacy of the users while also educating them and thus potentially increasing their privacy literacy.},
number = {4},
journal = {Proceedings on Privacy Enhancing Technologies (PoPETs)},
author = {Demuth, Kilian and Linsner, Sebastian and Biselli, Tom and Kaufhold, Marc-André and Reuter, Christian},
year = {2024},
keywords = {Security, UsableSec, HCI, Projekt-CROSSING, A-Paper, Projekt-ATHENE-PriVis, Ranking-CORE-A},
pages = {797--817},
}
[BibTeX] [Abstract] [Download PDF]
Misinformation poses a recurrent challenge for video-sharing platforms (VSPs) like TikTok. Obtaining user perspectives on digital interventions addressing the need for transparency (e.g., through indicators) is essential. This article offers a thorough examination of the comprehensibility, usefulness, and limitations of an indicator-based intervention from an adolescents’ perspective. This study (𝑁 = 39; aged 13-16 years) comprised two qualitative steps: (1) focus group discussions and (2) think-aloud sessions, where participants engaged with a smartphone-app for TikTok. The results offer new insights into how video-based indicators can assist adolescents’ assessments. The intervention received positive feedback, especially for its transparency, and could be applicable to new content. This paper sheds light on how adolescents are expected to be experts while also being prone to video-based misinformation, with limited understanding of an intervention’s limitations. By adopting teenagers’ perspectives, we contribute to HCI research and provide new insights into the chances and limitations of interventions for VSPs.
@inproceedings{hartwig_adolescents_2024,
address = {New York, NY, USA},
series = {{CHI} '24},
title = {From {Adolescents}' {Eyes}: {Assessing} an {Indicator}-{Based} {Intervention} to {Combat} {Misinformation} on {TikTok}},
isbn = {9798400703300},
url = {https://doi.org/10.1145/3613904.3642264},
doi = {10.1145/3613904.3642264},
abstract = {Misinformation poses a recurrent challenge for video-sharing platforms (VSPs) like TikTok. Obtaining user perspectives on digital interventions addressing the need for transparency (e.g., through indicators) is essential. This article offers a thorough examination of the comprehensibility, usefulness, and limitations of an indicator-based intervention from an adolescents’ perspective. This study (𝑁 = 39; aged 13-16 years) comprised two qualitative steps: (1) focus group discussions and (2) think-aloud sessions, where participants
engaged with a smartphone-app for TikTok. The results offer new insights into how video-based indicators can assist adolescents’ assessments. The intervention received positive feedback, especially for its transparency, and could be applicable to new content. This paper sheds light on how adolescents are expected to be experts while also being prone to video-based misinformation, with limited understanding of an intervention’s limitations. By adopting
teenagers’ perspectives, we contribute to HCI research and provide new insights into the chances and limitations of interventions for VSPs.},
booktitle = {Proceedings of the {Conference} on {Human} {Factors} in {Computing} {Systems} ({CHI})},
publisher = {Association for Computing Machinery},
author = {Hartwig, Katrin and Biselli, Tom and Schneider, Franziska and Reuter, Christian},
year = {2024},
keywords = {Security, UsableSec, HCI, A-Paper, Ranking-CORE-A*, Selected, AuswahlCrisis, Projekt-ATHENE-PriVis, Projekt-NEBULA},
}
[BibTeX] [Abstract] [Download PDF]
Misinformation presents a challenge to democracies, particularly in times of crisis. One way in which misinformation is spread is through voice messages sent via messenger groups, which enable members to share information on a larger scale. Gaining user perspectives on digital misinformation interventions as countermeasure after detection is crucial. In this paper, we extract potential features of misinformation in voice messages from literature, implement them within a program that automatically processes voice messages, and evaluate their perceived usefulness and comprehensibility as user-centered indicators.We propose 35 features extracted from audio files at the character, word, sentence, audio and creator levels to assist (1) private individuals in conducting credibility assessments, (2) government agencies faced with data overload during crises, and (3) researchers seeking to gather features for automatic detection approaches. We conducted a think-aloud study with laypersons (N = 20) to provide initial insight into how individuals autonomously assess the credibility of voice messages, as well as which automatically extracted features they find to be clear and convincing indicators of misinformation. Our study provides qualitative and quantitative insights into valuable indicators, particularly when they relate directly to the content or its creator, and uncovers challenges in user interface design.
@article{hartwig_navigating_2024,
title = {Navigating {Misinformation} in {Voice} {Messages}: {Identification} of {User}-{Centered} {Features} for {Digital} {Interventions}},
issn = {1944-4079},
url = {https://peasec.de/paper/2024/2024_HartwigSandlerReuter_NavigatingMisinfoVoiceMessages_RiskHazards.pdf},
doi = {10.1002/rhc3.12296},
abstract = {Misinformation presents a challenge to democracies, particularly in times of crisis. One way in which misinformation is spread is through voice messages sent via messenger groups, which enable members to share information on a larger scale. Gaining user perspectives on digital misinformation interventions as countermeasure after detection is crucial. In this paper, we extract potential features of misinformation in voice messages from literature, implement them within a program that automatically processes voice messages, and evaluate their perceived usefulness and comprehensibility as user-centered indicators.We propose 35 features extracted from audio files at the character, word, sentence, audio and creator levels to assist (1) private individuals in conducting credibility assessments, (2) government agencies faced with data overload during crises, and (3) researchers seeking to gather features for automatic detection approaches. We conducted a think-aloud study with laypersons (N = 20) to provide initial insight into how individuals autonomously assess the credibility of voice messages, as well as which automatically extracted features they find to be clear and convincing indicators of misinformation. Our study provides qualitative and quantitative insights into valuable indicators, particularly when they relate directly to the content or its creator, and uncovers challenges in user interface design.},
journal = {Risk, Hazards, \& Crisis in Public Policy (RHCPP)},
author = {Hartwig, Katrin and Sandler, Ruslan and Reuter, Christian},
year = {2024},
note = {Publisher: John Wiley \& Sons, Ltd},
keywords = {Student, UsableSec, Crisis, HCI, Projekt-CYLENCE, A-Paper, Projekt-NEBULA, Projekt-ATHENE, Ranking-ImpactFactor, SocialMedia, Cyberwar},
}
[BibTeX] [Abstract] [Download PDF]
Misinformation represent a key challenge for society. User-centered misinformation interventions as digital countermeasures that exert a direct influence on users represent a promising means to deal with the large amounts of information available. While an extensive body of research on this topic exists, researchers are confronted with a diverse research landscape spanning multiple disciplines. This review systematizes the landscape of user-centered misinformation interventions to facilitate knowledge transfer, identify trends, and enable informed decision-making. Over 3,700 scholarly publications were screened and a systematic literature review (N=108) was conducted. A taxonomy was derived regarding intervention design (e.g., binary label), user interaction (active or passive), and timing (e.g., post exposure to misinformation). We provide a structured overview of approaches across multiple disciplines, and derive six overarching challenges for future research.
@article{hartwig_landscape_2024,
title = {The {Landscape} of {User}-centered {Misinformation} {Interventions} – {A} {Systematic} {Literature} {Review}},
volume = {56},
issn = {0360-0300},
url = {https://peasec.de/paper/2024/2024_HartwigDoellReuter_LandscapeUserCentredMisinfoInterventions_CSUR.pdf},
doi = {10.1145/3674724},
abstract = {Misinformation represent a key challenge for society. User-centered misinformation interventions as digital countermeasures that exert a direct influence on users represent a promising means to deal with the large amounts of information available. While an extensive body of research on this topic exists, researchers are confronted with a diverse research landscape spanning multiple disciplines. This review systematizes the landscape of user-centered misinformation interventions to facilitate knowledge transfer, identify trends, and enable informed decision-making. Over 3,700 scholarly publications were screened and a systematic literature review (N=108) was conducted. A taxonomy was derived regarding intervention design (e.g., binary label), user interaction (active or passive), and timing (e.g., post exposure to misinformation). We provide a structured overview of approaches across multiple disciplines, and derive six overarching challenges for future research.},
number = {11},
journal = {ACM Computing Surveys (CSUR)},
author = {Hartwig, Katrin and Doell, Frederic and Reuter, Christian},
month = jul,
year = {2024},
keywords = {Peace, Student, HCI, A-Paper, Ranking-CORE-A*, Selected, Projekt-NEBULA, Ranking-ImpactFactor},
}
[BibTeX] [Abstract] [Download PDF]
Recent crises like the COVID-19 pandemic provoked an increasing appearance of misleading information, emphasizing the need for effective user-centered countermeasures as an important field in HCI research. This work investigates how content-specific user-centered indicators can contribute to an informed approach to misleading information. In a threefold study, we conducted an in-depth content analysis of 2,382 German tweets on Twitter (now X) to identify topical (e.g., 5G), formal (e.g., links), and rhetorical (e.g., sarcasm) characteristics through manual coding, followed by a qualitative online survey to evaluate which indicators users already use autonomously to assess a tweet’s credibility. Subsequently, in a think-aloud study participants qualitatively evaluated the identified indicators in terms of perceived comprehensibility and usefulness. While a number of indicators were found to be particularly comprehensible and useful (e.g., claim for absolute truth and rhetorical questions), our findings reveal limitations of indicator-based interventions, particularly for people with entrenched conspiracy theory views. We derive four implications for digitally supporting users in dealing with misleading information, especially during crises.
@article{hartwig_misleading_2024,
title = {Misleading {Information} in {Crises}: {Exploring} {Content}-specific {Indicators} on {Twitter} from a {User} {Perspective}},
issn = {0144-929X},
url = {https://doi.org/10.1080/0144929X.2024.2373166},
doi = {10.1080/0144929X.2024.2373166},
abstract = {Recent crises like the COVID-19 pandemic provoked an increasing appearance of misleading information,
emphasizing the need for effective user-centered countermeasures as an important field in HCI research. This
work investigates how content-specific user-centered indicators can contribute to an informed approach to
misleading information. In a threefold study, we conducted an in-depth content analysis of 2,382 German
tweets on Twitter (now X) to identify topical (e.g., 5G), formal (e.g., links), and rhetorical (e.g., sarcasm)
characteristics through manual coding, followed by a qualitative online survey to evaluate which indicators
users already use autonomously to assess a tweet’s credibility. Subsequently, in a think-aloud study participants
qualitatively evaluated the identified indicators in terms of perceived comprehensibility and usefulness. While
a number of indicators were found to be particularly comprehensible and useful (e.g., claim for absolute truth
and rhetorical questions), our findings reveal limitations of indicator-based interventions, particularly for
people with entrenched conspiracy theory views. We derive four implications for digitally supporting users in
dealing with misleading information, especially during crises.},
journal = {Behaviour \& Information Technology (BIT)},
author = {Hartwig, Katrin and Schmid, Stefka and Biselli, Tom and Pleil, Helene and Reuter, Christian},
year = {2024},
keywords = {Crisis, HCI, A-Paper, Projekt-ATHENE-PriVis, Projekt-NEBULA, Ranking-CORE-A, Ranking-ImpactFactor},
pages = {1--34},
}
[BibTeX] [Abstract] [Download PDF]
Computer Emergency Response Teams (CERTs) have been established in the public sector globally to provide advisory, preventive and reactive cybersecurity services for government agencies, citizens, and businesses. Nevertheless, their responsibility of monitoring, analyzing, and communicating cyber threats and security vulnerabilities have become increasingly challenging due to the growing volume and varying quality of information disseminated through public and social channels. Based on a design case study conducted from 2021 to 2023, this paper combines three iterations of expert interviews (N=25), design workshops (N=4) and cognitive walkthroughs (N=25) to design an automated, cross-platform and real-time cybersecurity dashboard. By adopting the notion of cyber situational awareness, the study further extracts user requirements and design heuristics for enhanced threat intelligence and mission awareness in CERTs, discussing the aspects of source integration, data management, customizable visualization, relationship awareness, information assessment, software integration, (inter-)organizational collaboration, and communication of stakeholder warnings.
@inproceedings{kaufhold_we_2024,
address = {New York, NY, USA},
series = {{CHI} '24},
title = {'{We} {Do} {Not} {Have} the {Capacity} to {Monitor} {All} {Media}': {A} {Design} {Case} {Study} on {Cyber} {Situational} {Awareness} in {Computer} {Emergency} {Response} {Teams}},
isbn = {9798400703300},
url = {https://peasec.de/paper/2024/2024_KaufholdRiebeBayerReuter_CertDesignCaseStudy_CHI.pdf},
doi = {10.1145/3613904.3642368},
abstract = {Computer Emergency Response Teams (CERTs) have been established in the public sector globally to provide advisory, preventive and reactive cybersecurity services for government agencies, citizens, and businesses. Nevertheless, their responsibility of monitoring, analyzing, and communicating cyber threats and security vulnerabilities have become increasingly challenging due to the growing volume and varying quality of information disseminated through public and social channels. Based on a design case study conducted from 2021 to 2023, this paper combines three iterations of expert interviews (N=25), design workshops (N=4) and cognitive walkthroughs (N=25) to design an automated, cross-platform and real-time cybersecurity dashboard. By adopting the notion of cyber situational awareness, the study further extracts user requirements and design heuristics for enhanced threat intelligence and mission awareness in CERTs, discussing the aspects of source integration, data management, customizable visualization, relationship awareness, information assessment, software integration, (inter-)organizational collaboration, and communication of stakeholder warnings.},
booktitle = {Proceedings of the {Conference} on {Human} {Factors} in {Computing} {Systems} ({CHI}) ({Best} {Paper} {Award})},
publisher = {Association for Computing Machinery},
author = {Kaufhold, Marc-André and Riebe, Thea and Bayer, Markus and Reuter, Christian},
year = {2024},
keywords = {Security, UsableSec, HCI, Projekt-CYWARN, Projekt-ATHENE-CyAware, Projekt-CYLENCE, A-Paper, AuswahlKaufhold, AuswahlUsableSec, Ranking-CORE-A*, Selected},
}
[BibTeX] [Abstract] [Download PDF]
Farm Management Information Systems (FMIS) are an important core component of modern farming companies as they allow, e.g., to document activities, create fertilization plans, and feed digital equipment with required data. Since the entire agricultural sector is an essential component of food production, high standards of resilience should be established in the involved companies. Accordingly, the used software should also be designed with high standards on reliability and crisis capability. Based on a literature review, we found that software for farmers with certain resilience needs is lacking. Thus, we designed and evaluated a new FMIS concept with the user-centered design method. By conducting focus groups (two rounds, total N=57) in 2017 and 2019, we raised specific front-end and back-end requirements of farmers. Based on the requirements, we developed our concept for both front- and back-end in terms of a decentralized and offline-working FMIS. Through the evaluation with practitioners (N=16) of the implemented concept, we derived findings and implications, highlighting the need for privacy, stability, and offline-capability, as well as the UI-requirement to be supportive, e.g., with easy to understand icons and terms.
@article{kuntke_geobox_2024,
title = {{GeoBox}: {Design} and {Evaluation} of a {Tool} for {Resilient} and {Decentralized} {Data} {Management} in {Agriculture}},
volume = {43},
issn = {0144-929X},
url = {https://peasec.de/paper/2023/2023_KuntkeKaufholdLinsnerReuter_GeoBox_BIT.pdf},
doi = {10.1080/0144929X.2023.2185747},
abstract = {Farm Management Information Systems (FMIS) are an important core component of modern farming companies as they allow, e.g., to document activities, create fertilization plans, and feed digital equipment with required data. Since the entire agricultural sector is an essential component of food production, high standards of resilience should be established in the involved companies. Accordingly, the used software should also be designed with high standards on reliability and crisis capability. Based on a literature review, we found that software for farmers with certain resilience needs is lacking. Thus, we designed and evaluated a new FMIS concept with the user-centered design method. By conducting focus groups (two rounds, total N=57) in 2017 and 2019, we raised specific front-end and back-end requirements of farmers. Based on the requirements, we developed our concept for both front- and back-end in terms of a decentralized and offline-working FMIS. Through the evaluation with practitioners (N=16) of the implemented concept, we derived findings and implications, highlighting the need for privacy, stability, and offline-capability, as well as the UI-requirement to be supportive, e.g., with easy to understand icons and terms.},
number = {4},
journal = {Behaviour \& Information Technology (BIT)},
author = {Kuntke, Franz and Kaufhold, Marc-André and Linsner, Sebastian and Reuter, Christian},
month = mar,
year = {2024},
note = {Publisher: Taylor \& Francis},
keywords = {Projekt-AgriRegio, Projekt-GeoBox, Security, UsableSec, A-Paper, AuswahlUsableSec, Selected, Ranking-CORE-A, Ranking-ImpactFactor},
pages = {764--786},
}
[BibTeX] [Abstract] [Download PDF]
In many scenarios users have to communicate sensitive data with third parties such as doctors, lawyers, insurance companies, social workers or online shops. Handing over personal data is necessary to use those services but the delegation of tasks to increase efficiency still poses the risk that personal data might be leaked. To minimize this risk and further enhance the privacy of users, we propose an interaction concept that uses layered encryption of messages to provide a trade-off between privacy and usability. Users can choose which data is additionally encrypted in an inner layer, say, for the eyes of their doctor only, and which data is available in an outer (encrypted or unencrypted) layer for all staff members. Another benefit is the hiding of sensitive data from package inspection or crawling algorithms over emails, while less critical parts can still be processed by these systems via the partial access. To investigate this concept, we derive relevant use cases for form-based communication over email from a quantitative pre-study with 1011 participants, showing that general practitioners are the most suitable use case. We developed demonstrators for this use case and evaluated them in a qualitative study with 42 participants. Our results show that the possibility of minimizing the propagation of sensitive data through additional encryption is highly appreciated and the usage of form-based communication is a promising approach for the digital transformation.
@article{linsner_decision-based_2024,
title = {Decision-based {Data} {Distribution} ({D}³): {Enabling} {Users} to {Minimize} {Data} {Propagation} in {Privacy}-sensitive {Scenarios}},
issn = {2299-0984},
url = {https://petsymposium.org/popets/2024/popets-2024-0113.php},
doi = {10.56553/popets-2024-0113},
abstract = {In many scenarios users have to communicate sensitive data with third parties such as doctors, lawyers, insurance companies, social workers or online shops. Handing over personal data is necessary to use those services but the delegation of tasks to increase efficiency still poses the risk that personal data might be leaked. To minimize this risk and further enhance the privacy of users, we propose an interaction concept that uses layered encryption of messages to provide a trade-off between privacy and usability. Users can choose which data is additionally encrypted in an inner layer, say, for the eyes of their doctor only, and which data is available in an outer (encrypted or unencrypted) layer for all staff members. Another benefit is the hiding of sensitive data from package inspection or crawling algorithms over emails, while less critical parts can still be processed by these systems via the partial access. To investigate this concept, we derive relevant use cases for form-based communication over email from a quantitative pre-study with 1011 participants, showing that general practitioners are the most suitable use case. We developed demonstrators for this use case and evaluated them in a qualitative study with 42 participants. Our results show that the possibility of minimizing the propagation of sensitive data through additional encryption is highly appreciated and the usage of form-based communication is a promising approach for the digital transformation.},
number = {4},
journal = {Proceedings on Privacy Enhancing Technologies (PoPETs)},
author = {Linsner, Sebastian and Demuth, Kilian and Fischlin, Marc and Reuter, Christian},
year = {2024},
keywords = {Security, UsableSec, HCI, Projekt-CROSSING, A-Paper, Selected, Projekt-ATHENE-PriVis, Ranking-CORE-A},
}
[BibTeX] [Abstract] [Download PDF]
Internet of Things (IoT) devices have become increasingly important within the smart home domain, making the security of the devices a critical aspect. The majority of IoT devices are black-box systems running closed and pre-installed firmware. This raises concerns about the trustworthiness of these devices, especially considering that some of them are shipped with a microphone or a camera. Remote attestation aims at validating the trustworthiness of these devices by verifying the integrity of the software. However, users cannot validate whether the attestation has actually taken place and has not been manipulated by an attacker, raising the need for HCI research on trust and understandability. We conducted a qualitative study with 35 participants, investigating trust in the attestation process and whether this trust can be improved by additional explanations in the application. We developed an application that allows users to attest a smart speaker using their smartphone over an audio channel to identify the attested device and observe the attestation process. In order to observe the differences between the applications with and without explanations, we performed A/B testing. We discovered that trust increases when additional explanations of the technical process are provided, improving the understanding of the attestation process.
@article{linsner_building_2024,
title = {Building {Trust} in {Remote} {Attestation} {Through} {Transparency} – {A} {Qualitative} {User} {Study} on {Observable} {Attestation}},
issn = {0144-929X},
url = {https://doi.org/10.1080/0144929X.2024.2374889},
doi = {10.1080/0144929X.2024.2374889},
abstract = {Internet of Things (IoT) devices have become increasingly important within the smart home domain, making the security of the devices a critical aspect. The majority of IoT devices are black-box systems running closed and pre-installed firmware. This raises concerns about the trustworthiness of these devices, especially considering that some of them are shipped with a microphone or a camera. Remote attestation aims at validating the trustworthiness of these devices by verifying the integrity of the software. However, users cannot validate whether the attestation has actually taken place and has not been manipulated by an attacker, raising the need for HCI research on trust and understandability. We conducted a qualitative study with 35 participants, investigating trust in the attestation process and whether this trust can be improved by additional explanations in the application. We developed an application that allows users to attest a smart speaker using their smartphone over an audio channel to identify the attested device and observe the attestation process. In order to observe the differences between the applications with and without explanations, we performed A/B testing. We discovered that trust increases when additional explanations of the technical process are provided, improving the understanding of the attestation process.},
journal = {Behaviour \& Information Technology (BIT)},
author = {Linsner, Sebastian and Demuth, Kilian and Surminski, Sebastian and Davi, Lucas and Reuter, Christian},
year = {2024},
note = {Publisher: Taylor \& Francis},
keywords = {Security, UsableSec, Projekt-CROSSING, A-Paper, Projekt-ATHENE-PriVis, Ranking-ImpactFactor},
pages = {1--21},
}
[BibTeX] [Abstract]
The development of artificial intelligence and autonomous functions in the military domain has an immense impact on technologies being developed by the private defence industry. Defence firms contribute to the narratives and visions on autonomous weapon systems and the future of warfare, e.g. in the form of strategic marketing of their products. However, their role has so far been understudied, especially regarding autonomous weapon systems. As the normative debate revolves around aspects of human control, this work examines the narratives of (meaningful) human control in the marketing of autonomous military systems by defence manufacturers. Based on a comprehensive content analysis of twenty defence firms, we identified three main narratives, which envision autonomy as a military advantage, the role of the human in the future of warfare, and human-machine teaming. Based on the results, we argue that defence companies reproduce and adapt narratives which shape expectations and visions of human control of autonomous weapon systems in anticipation of emerging norms for (meaningful) human control. However, without specifications and verification mechanisms, there is no indication that human control will be meaningful.
@article{riebe_envisioning_2024,
title = {Envisioning {Human}-{Machine} {Interaction} in {Future} {Warfare}: {Defence} {Industry} {Narratives} on {Human} {Control} of {Autonomous} {Weapon} {Systems}},
abstract = {The development of artificial intelligence and autonomous functions in the military domain has an immense impact on technologies being developed by the private defence industry. Defence firms contribute to the narratives and visions on autonomous weapon systems and the future of warfare, e.g. in the form of strategic marketing of their products. However, their role has so far been understudied, especially regarding autonomous weapon systems. As the normative debate revolves around aspects of human control, this work examines the narratives of (meaningful) human control in the marketing of autonomous military systems by defence manufacturers. Based on a comprehensive content analysis of twenty defence firms, we identified three main narratives, which envision autonomy as a military advantage, the role of the human in the future of warfare, and human-machine teaming. Based on the results, we argue that defence companies reproduce and adapt narratives which shape expectations and visions of human control of autonomous weapon systems in anticipation of emerging norms for (meaningful) human control. However, without specifications and verification mechanisms, there is no indication that human control will be meaningful.},
journal = {Global Society},
author = {Riebe, Thea and Reuter, Christian and Gonsior, Anja-Liisa and Reichert, Lilian},
year = {2024},
keywords = {Peace, Projekt-TraCe, Student, HCI, Projekt-ATHENE-CyAware, A-Paper, Ranking-ImpactFactor, AuswahlPeace},
}
[BibTeX] [Abstract] [Download PDF]
In crises such as the COVID-19 pandemic, it is crucial to support users when dealing with social media content. Considering digital resilience, we propose a web app based on Social Network Analysis (SNA) to provide an overview of potentially misleading vs. non-misleading content on Twitter, which can be explored by users and enable foundational learning. The latter aims at systematically identifying thematic patterns which may be associated with misleading information. Additionally, it entails reflecting on indicators of misleading tweets which are proposed to approach classification of tweets. Paying special attention to non-expert users of social media, we conducted a two-step Think Aloud study for evaluation. While participants valued the opportunity to generate new knowledge and the diversity of the application, qualities such as equality and rapidity may be further improved. However, learning effects outweighed individual costs as all users were able to shift focus onto relevant features, such as hashtags, while readily pointing out content characteristics. Our design artifact connects to learning-oriented interventions regarding the spread of misleading information and tackles information overload by a SNA-based plug-in.
@article{schmid_digital_2024,
title = {Digital {Resilience} in {Dealing} with {Misinformation} on {Social} {Media} during {COVID}-19: {A} {Web} {Application} to {Assist} {Users} in {Crises}},
volume = {26},
issn = {1572-9419},
url = {https://doi.org/10.1007/s10796-022-10347-5},
doi = {10.1007/s10796-022-10347-5},
abstract = {In crises such as the COVID-19 pandemic, it is crucial to support users when dealing with social media content. Considering digital resilience, we propose a web app based on Social Network Analysis (SNA) to provide an overview of potentially misleading vs. non-misleading content on Twitter, which can be explored by users and enable foundational learning. The latter aims at systematically identifying thematic patterns which may be associated with misleading information. Additionally, it entails reflecting on indicators of misleading tweets which are proposed to approach classification of tweets. Paying special attention to non-expert users of social media, we conducted a two-step Think Aloud study for evaluation. While participants valued the opportunity to generate new knowledge and the diversity of the application, qualities such as equality and rapidity may be further improved. However, learning effects outweighed individual costs as all users were able to shift focus onto relevant features, such as hashtags, while readily pointing out content characteristics. Our design artifact connects to learning-oriented interventions regarding the spread of misleading information and tackles information overload by a SNA-based plug-in.},
number = {2},
journal = {Information Systems Frontiers (ISF)},
author = {Schmid, Stefka and Hartwig, Katrin and Cieslinski, Robert and Reuter, Christian},
month = apr,
year = {2024},
keywords = {Projekt-TraCe, Student, Crisis, A-Paper, Projekt-NEBULA},
pages = {477--499},
}
[BibTeX] [Abstract] [Download PDF]
Digital technology and smartphones provide great opportunities to support crisis response measures. During the COVID-19 pandemic, many countries introduced contact tracing apps (CTAs) to prevent the virus’s spread and identify infection clusters. Because wide acceptance is necessary for these apps to work, it has been a subject of research. Past research often highlighted the role of trust for acceptance and suggested that technical transparency by opening the source code can help to build trust. For this reason, we studied the acceptance of two German apps: the Corona-Warn-App (CWA), which was developed as open-source software early on, and the Luca app, which did not publish the source code initially. We conducted a multinomial logistic regression testing effects on the adoption of (1) only the CWA, (2) only the Luca app, or (3) both apps. As predictors, we considered the role of trust in the app publisher and the government and controlled for predictors relevant to past research. We found trust to have a significant effect on the acceptance of the apps. A self-reported understanding of the term “open-source software” and a perceived threat by COVID-19 had a positive effect for the Corona-Warn-App or both apps but not for the Luca app alone. Being from Eastern Germany lowered the acceptance of the Luca app or both apps. Our findings can add to previous CTA acceptance research and provide insights for policymakers for future digital crisis measures, especially for populations comparable to the German population regarding government trust and privacy attitudes.
@article{steinbrink_impact_2024,
title = {The {Impact} of {Transparency} and {Trust} on {User} {Acceptance} of {Contact} {Tracing} {Apps}: {Implications} for the {Adoption} of {Crisis} {Response} {Apps}},
issn = {2212-4209},
url = {https://www.sciencedirect.com/science/article/pii/S2212420924004230},
doi = {10.1016/j.ijdrr.2024.104661},
abstract = {Digital technology and smartphones provide great opportunities to support crisis response measures. During the COVID-19 pandemic, many countries introduced contact tracing apps (CTAs) to prevent the virus’s spread and identify infection clusters. Because wide acceptance is necessary for these apps to work, it has been a subject of research. Past research often highlighted the role of trust for acceptance and suggested that technical transparency by opening the source code can help to build trust. For this reason, we studied the acceptance of two German apps: the Corona-Warn-App (CWA), which was developed as open-source software early on, and the Luca app, which did not publish the source code initially. We conducted a multinomial logistic regression testing effects on the adoption of (1) only the CWA, (2) only the Luca app, or (3) both apps. As predictors, we considered the role of trust in the app publisher and the government and controlled for predictors relevant to past research. We found trust to have a significant effect on the acceptance of the apps. A self-reported understanding of the term “open-source software” and a perceived threat by COVID-19 had a positive effect for the Corona-Warn-App or both apps but not for the Luca app alone. Being from Eastern Germany lowered the acceptance of the Luca app or both apps. Our findings can add to previous CTA acceptance research and provide insights for policymakers for future digital crisis measures, especially for populations comparable to the German population regarding government trust and privacy attitudes.},
journal = {International Journal of Disaster Risk Reduction},
author = {Steinbrink, Enno and Reuter, Christian},
month = jul,
year = {2024},
keywords = {Crisis, HCI, A-Paper, Projekt-ATHENE-PriVis, Ranking-ImpactFactor, Projekt-GRKPrivacy},
pages = {104661},
}
2023
[BibTeX] [Abstract] [Download PDF]
A Design Science Artefact for Cyber Threat Detection and Actor Specific Communication
@article{bayer_multi-level_2023,
title = {Multi-{Level} {Fine}-{Tuning}, {Data} {Augmentation}, and {Few}-{Shot} {Learning} for {Specialized} {Cyber} {Threat} {Intelligence}},
issn = {0167-4048},
url = {https://peasec.de/paper/2023/2023_BayerFreyReuter_MultiLevelFineTuningForCyberThreatIntelligence_CS.pdf},
doi = {10.1016/j.cose.2023.103430},
abstract = {A Design Science Artefact for Cyber Threat Detection and Actor Specific Communication},
journal = {Computers \& Security},
author = {Bayer, Markus and Frey, Tobias and Reuter, Christian},
year = {2023},
keywords = {Student, Security, Projekt-CYWARN, Projekt-CROSSING, A-Paper, Projekt-ATHENE, Ranking-ImpactFactor},
}
[BibTeX] [Abstract] [Download PDF]
Data augmentation, the artificial creation of training data for machine learning by transformations, is a widely studied research field across machine learning disciplines. While it is useful for increasing a model’s generalization capabilities, it can also address many other challenges and problems, from overcoming a limited amount of training data, to regularizing the objective, to limiting the amount data used to protect privacy. Based on a precise description of the goals and applications of data augmentation and a taxonomy for existing works, this survey is concerned with data augmentation methods for textual classification and aims to provide a concise and comprehensive overview for researchers and practitioners. Derived from the taxonomy, we divide more than 100 methods into 12 different groupings and give state-of-the-art references expounding which methods are highly promising by relating them to each other. Finally, research perspectives that may constitute a building block for future work are provided.
@article{bayer_survey_2023,
title = {A {Survey} on {Data} {Augmentation} for {Text} {Classification}},
volume = {55},
url = {https://dl.acm.org/doi/pdf/10.1145/3544558},
doi = {10.1145/3544558},
abstract = {Data augmentation, the artificial creation of training data for machine learning by transformations, is a widely studied research field across machine learning disciplines. While it is useful for increasing a model's generalization capabilities, it can also address many other challenges and problems, from overcoming a limited amount of training data, to regularizing the objective, to limiting the amount data used to protect privacy. Based on a precise description of the goals and applications of data augmentation and a taxonomy for existing works, this survey is concerned with data augmentation methods for textual classification and aims to provide a concise and comprehensive overview for researchers and practitioners. Derived from the taxonomy, we divide more than 100 methods into 12 different groupings and give state-of-the-art references expounding which methods are highly promising by relating them to each other. Finally, research perspectives that may constitute a building block for future work are provided.},
number = {7},
journal = {ACM Computing Surveys (CSUR)},
author = {Bayer, Markus and Kaufhold, Marc-André and Reuter, Christian},
year = {2023},
keywords = {Crisis, Projekt-CYWARN, Projekt-emergenCITY, Projekt-ATHENE-SecUrban, A-Paper, AuswahlKaufhold, Ranking-CORE-A*, Selected, AuswahlCrisis, Ranking-ImpactFactor},
pages = {1--39},
}
[BibTeX] [Abstract] [Download PDF]
About half a billion households are expected to use smart home systems by 2025. Although many IoT sensors, such as smoke detectors or security cameras, are available and governmental crisis warning systems are in place, little is known about how to warn appropriately in smart home environments. We created a Raspberry Pi based prototype with a speaker, a display, and a connected smart light bulb. Together with a focus group, we developed a taxonomy for warning messages in smart home environments, dividing them into five classes with different stimuli. We evaluated the taxonomy using the Experience Sampling Method (ESM) in a field study at participants‘ (N = 13) homes testing 331 warnings. The results show that taxonomy-based warning stimuli are perceived to be appropriate and participants could imagine using such a warning system. We propose a deeper integration of warning capabilities into smart home environments to enhance the safety of citizens.
@inproceedings{haesler_getting_2023,
address = {New York, NY, USA},
series = {{DIS} '23},
title = {Getting the {Residents}' {Attention}: {The} {Perception} of {Warning} {Channels} in {Smart} {Home} {Warning} {Systems}},
isbn = {978-1-4503-9893-0},
url = {https://peasec.de/paper/2023/2023_HaeslerWendelbornReuter_SmartHomeWarningSystems_DIS},
doi = {10.1145/3563657.3596076},
abstract = {About half a billion households are expected to use smart home systems by 2025. Although many IoT sensors, such as smoke detectors or security cameras, are available and governmental crisis warning systems are in place, little is known about how to warn appropriately in smart home environments. We created a Raspberry Pi based prototype with a speaker, a display, and a connected smart light bulb. Together with a focus group, we developed a taxonomy for warning messages in smart home environments, dividing them into five classes with different stimuli. We evaluated the taxonomy using the Experience Sampling Method (ESM) in a field study at participants' (N = 13) homes testing 331 warnings. The results show that taxonomy-based warning stimuli are perceived to be appropriate and participants could imagine using such a warning system. We propose a deeper integration of warning capabilities into smart home environments to enhance the safety of citizens.},
booktitle = {Proceedings of the {ACM} {Designing} {Interactive} {Systems} {Conference} ({DIS})},
publisher = {Association for Computing Machinery},
author = {Haesler, Steffen and Wendelborn, Marc and Reuter, Christian},
year = {2023},
note = {event-place: Pittsburgh, PA, USA},
keywords = {Student, Crisis, HCI, Projekt-emergenCITY, Projekt-ATHENE-SecUrban, A-Paper, Ranking-CORE-A},
pages = {1114--1127},
}
[BibTeX] [Abstract] [Download PDF]
Warning apps are used by many to receive warnings about imminent disasters. However, their potential for increasing awareness about general hazards and for increasing preparedness is currently underused. With a mixed-method design that includes a representative survey of the German population, a design workshop and an app evaluation experiment, this study investigates users’ preferences regarding non-acute preparedness alerts’ inclusion in crisis apps and the effectiveness of Nudging in this context. The experiment shows that while the social influence nudge had no significant effect compared to the control group without a nudging condition, the confrontational nudge increased the number of taken recommended preparedness measures. The evaluation indicates that the preparedness alerts increased users’ knowledge and their motivation to use a warning app. This motivation is, in contrast, decreased when the messages are perceived as a disruption. While many oppose push notifications, favor finding persuasively designed preparedness advice in a separate menu or as an optional notification.
@article{haunschild_preparedness_2023,
title = {Preparedness {Nudging} for {Warning} {Apps}? {A} {Mixed}-{Method} {Study} {Investigating} {Popularity} and {Effects} of {Preparedness} {Alerts} in {Warning} {Apps}},
volume = {172},
issn = {1071-5819},
url = {https://peasec.de/paper/2023/2023_HaunschildPauliReuter_NudgingWarningApps_IJHCS.pdf},
doi = {https://doi.org/10.1016/j.ijhcs.2023.102995},
abstract = {Warning apps are used by many to receive warnings about imminent disasters. However, their potential for increasing awareness about general hazards and for increasing preparedness is currently underused. With a mixed-method design that includes a representative survey of the German population, a design workshop and an app evaluation experiment, this study investigates users’ preferences regarding non-acute preparedness alerts’ inclusion in crisis apps and the effectiveness of Nudging in this context. The experiment shows that while the social influence nudge had no significant effect compared to the control group without a nudging condition, the confrontational nudge increased the number of taken recommended preparedness measures. The evaluation indicates that the preparedness alerts increased users’ knowledge and their motivation to use a warning app. This motivation is, in contrast, decreased when the messages are perceived as a disruption. While many oppose push notifications, favor finding persuasively designed preparedness advice in a separate menu or as an optional notification.},
journal = {International Journal on Human-Computer Studies (IJHCS)},
author = {Haunschild, Jasmin and Pauli, Selina and Reuter, Christian},
year = {2023},
keywords = {Student, Crisis, Projekt-emergenCITY, Projekt-ATHENE-SecUrban, A-Paper, Selected, AuswahlCrisis, Ranking-ImpactFactor},
pages = {102995},
}
[BibTeX] [Abstract] [Download PDF]
Cyberspace is a fragile construct threatened by malicious cyber operations of different actors, with vulnerabilities in IT hardware and software forming the basis for such activities, thus also posing a threat to global IT security. Advancements in the field of artificial intelligence accelerate this development, either with artificial intelligence enabled cyber weapons, automated cyber defense measures, or artificial intelligence-based threat and vulnerability detection. Especially state actors, with their long-term strategic security interests, often stockpile such knowledge of vulnerabilities and exploits to enable their military or intelligence service cyberspace operations. While treaties and regulations to limit these developments and to enhance global IT security by disclosing vulnerabilities are currently being discussed on the international level, these efforts are hindered by state concerns about the disclosure of unique knowledge and about giving up tactical advantages. This leads to a situation where multiple states are likely to stockpile at least some identical exploits, with technical measures to enable a depletion process for these stockpiles that preserve state secrecy interests and consider the special constraints of interacting states as well as the requirements within such environments being non-existent. This paper proposes such a privacy-preserving approach that allows multiple state parties to privately compare their stock of vulnerabilities and exploits to check for items that occur in multiple stockpiles without revealing them so that their disclosure can be considered. We call our system ExTRUST and show that it is scalable and can withstand several attack scenarios. Beyond the intergovernmental setting, ExTRUST can also be used for other zero-trust use cases, such as bug-bounty programs.
@article{reinhold_extrust_2023,
title = {{ExTRUST}: {Reducing} {Exploit} {Stockpiles} {With} a {Privacy}-{Preserving} {Depletion} {Systems} for {Inter}-{State} {Relationships}},
volume = {4},
url = {https://peasec.de/paper/2023/2023_ReinholdKuehnGuentherSchneiderReuter_ExTrust-ehem-BlockED_TTaS.pdf},
doi = {10.1109/TTS.2023.3280356},
abstract = {Cyberspace is a fragile construct threatened by malicious cyber operations of different actors, with vulnerabilities in IT hardware and software forming the basis for such activities, thus also posing a threat to global IT security. Advancements in the field of artificial intelligence accelerate this development, either with artificial intelligence enabled cyber weapons, automated cyber defense measures, or artificial intelligence-based threat and vulnerability detection. Especially state actors, with their long-term strategic security interests, often stockpile such knowledge of vulnerabilities and exploits to enable their military or intelligence service cyberspace operations. While treaties and regulations to limit these developments and to enhance global IT security by disclosing vulnerabilities are currently being discussed on the international level, these efforts are hindered by state concerns about the disclosure of unique knowledge and about giving up tactical advantages. This leads to a situation where multiple states are likely to stockpile at least some identical exploits, with technical measures to enable a depletion process for these stockpiles that preserve state secrecy interests and consider the special constraints of interacting states as well as the requirements within such environments being non-existent. This paper proposes such a privacy-preserving approach that allows multiple state parties to privately compare their stock of vulnerabilities and exploits to check for items that occur in multiple stockpiles without revealing them so that their disclosure can be considered. We call our system ExTRUST and show that it is scalable and can withstand several attack scenarios. Beyond the intergovernmental setting, ExTRUST can also be used for other zero-trust use cases, such as bug-bounty programs.},
number = {2},
journal = {IEEE Transactions on Technology and Society},
author = {Reinhold, Thomas and Kuehn, Philipp and Günther, Daniel and Schneider, Thomas and Reuter, Christian},
year = {2023},
keywords = {Peace, Student, Projekt-ATHENE-SecUrban, Projekt-CROSSING, A-Paper, Selected, Cyberwar, AuswahlPeace, Projekt-GRKPrivacy},
pages = {158--170},
}
[BibTeX] [Abstract] [Download PDF]
The value of social media in crises, disasters, and emergencies across different events, participants, and states is now well-examined in crisis informatics research. Previous research has contributed to the state of the art with empirical insights on the use of social media, approaches for the gathering and processing of big social data, the design and evaluation of information systems, and the analysis of cumulative and longitudinal data. While some studies examined social media use representatively for their target audience, these usually only comprise a single point of inquiry and do not allow for a trend analysis. This work provides results (1) of a representative survey with German citizens from 2021 on use patterns, perceptions, and expectations regarding social media during emergencies. Furthermore, it (2) compares these results to previous surveys and provides insights on temporal changes and trends from 2017, over 2019 to 2021. Our findings highlight that social media use in emergencies increased in 2021 and 2019 compared to 2017. Between 2019 and 2021, the amount of information shared on social media remained on a similar level, while the perceived disadvantages of social media in emergencies significantly increased. In light of demographic variables, the results of the 2021 survey confirm previous findings, according to which older individuals (45+ years) use social media in emergencies less often than younger individuals (18-24 years). Furthermore, while the quicker availability of information was one of the reasons for social media use, especially the potential information overload was a key factor for not using social media in emergencies. The results are discussed in light of the dynamic nature of attitudes regarding social media in emergencies and the need to account for heterogeneity in user expectations to build trustworthy information ecosystems in social media.
@article{reuter_increasing_2023,
title = {Increasing {Adoption} {Despite} {Perceived} {Limitations} of {Social} {Media} in {Emergencies}: {Representative} {Insights} on {German} {Citizens}’ {Perception} and {Trends} from 2017 to 2021},
volume = {96},
issn = {2212-4209},
url = {https://peasec.de/paper/2023/2023_ReuterKaufholdBiselliPleil_SocialMediaEmergenciesSurvey_IJDRR.pdf},
doi = {https://doi.org/10.1016/j.ijdrr.2023.103880},
abstract = {The value of social media in crises, disasters, and emergencies across different events, participants, and states is now well-examined in crisis informatics research. Previous research has contributed to the state of the art with empirical insights on the use of social media, approaches for the gathering and processing of big social data, the design and evaluation of information systems, and the analysis of cumulative and longitudinal data. While some studies examined social media use representatively for their target audience, these usually only comprise a single point of inquiry and do not allow for a trend analysis. This work provides results (1) of a representative survey with German citizens from 2021 on use patterns, perceptions, and expectations regarding social media during emergencies. Furthermore, it (2) compares these results to previous surveys and provides insights on temporal changes and trends from 2017, over 2019 to 2021. Our findings highlight that social media use in emergencies increased in 2021 and 2019 compared to 2017. Between 2019 and 2021, the amount of information shared on social media remained on a similar level, while the perceived disadvantages of social media in emergencies significantly increased. In light of demographic variables, the results of the 2021 survey confirm previous findings, according to which older individuals (45+ years) use social media in emergencies less often than younger individuals (18-24 years). Furthermore, while the quicker availability of information was one of the reasons for social media use, especially the potential information overload was a key factor for not using social media in emergencies. The results are discussed in light of the dynamic nature of attitudes regarding social media in emergencies and the need to account for heterogeneity in user expectations to build trustworthy information ecosystems in social media.},
journal = {International Journal of Disaster Risk Reduction (IJDRR)},
author = {Reuter, Christian and Kaufhold, Marc-André and Biselli, Tom and Pleil, Helene},
year = {2023},
keywords = {Student, Crisis, Projekt-emergenCITY, Projekt-CYLENCE, A-Paper, AuswahlCrisis, Projekt-NEBULA, Ranking-ImpactFactor, SocialMedia},
}
[BibTeX] [Abstract] [Download PDF]
The use of Open Source Intelligence (OSINT) to monitor and detect cybersecurity threats is gaining popularity among Cybersecurity Emergency or Incident Response Teams (CERTs/CSIRTs). They increasingly use semi-automated OSINT approaches when monitoring cyber threats for public infrastructure services and incident response. Most of the systems use publicly available data, often focusing on social media due to timely data for situational assessment. As indirect and affected stakeholders, the acceptance of OSINT systems by users, as well as the conditions which influence the acceptance, are relevant for the development of OSINT systems for cybersecurity. Therefore, as part of the ethical and social technology assessment, we conducted a survey (N=1,093), in which we asked participants about their acceptance of OSINT systems, their perceived need for open source surveillance, as well as their privacy behavior and concerns. Further, we tested if the awareness of OSINT is an interactive factor that affects other factors. Our results indicate that cyber threat perception and the perceived need for OSINT are positively related to acceptance, while privacy concerns are negatively related. The awareness of OSINT, however, has only shown effects on people with higher privacy concerns. Here, particularly high OSINT awareness and limited privacy concerns were associated with higher OSINT acceptance. Lastly, we provide implications for further research and the use of OSINT systems for cybersecurity by authorities. As OSINT is a framework rather than a single technology, approaches can be selected and combined to adhere to data minimization and anonymization as well as to leverage improvements in privacy-preserving computation and machine learning innovations. Regarding the use of OSINT, the results suggest to favor approaches that provide transparency to users regarding the use of the systems and the data they gather.
@article{riebe_privacy_2023,
title = {Privacy {Concerns} and {Acceptance} {Factors} of {OSINT} for {Cybersecurity}: {A} {Representative} {Survey}},
url = {https://petsymposium.org/popets/2023/popets-2023-0028.pdf},
doi = {https://doi.org/10.56553/popets-2023-0028},
abstract = {The use of Open Source Intelligence (OSINT) to monitor and detect cybersecurity threats is gaining popularity among Cybersecurity Emergency or Incident Response Teams (CERTs/CSIRTs). They increasingly use semi-automated OSINT approaches when monitoring cyber threats for public infrastructure services and incident response. Most of the systems use publicly available data, often focusing on social media due to timely data for situational assessment. As indirect and affected stakeholders, the acceptance of OSINT systems by users, as well as the conditions which influence the acceptance, are relevant for the development of OSINT systems for cybersecurity. Therefore, as part of the ethical and social technology assessment, we conducted a survey (N=1,093), in which we asked participants about their acceptance of OSINT systems, their perceived need for open source surveillance, as well as their privacy behavior and concerns. Further, we tested if the awareness of OSINT is an interactive factor that affects other factors. Our results indicate that cyber threat perception and the perceived need for OSINT are positively related to acceptance, while privacy concerns are negatively related. The awareness of OSINT, however, has only shown effects on people with higher privacy concerns. Here, particularly high OSINT awareness and limited privacy concerns were associated with higher OSINT acceptance. Lastly, we provide implications for further research and the use of OSINT systems for cybersecurity by authorities. As OSINT is a framework rather than a single technology, approaches can be selected and combined to adhere to data minimization and anonymization as well as to leverage improvements in privacy-preserving computation and machine learning innovations. Regarding the use of OSINT, the results suggest to favor approaches that provide transparency to users regarding the use of the systems and the data they gather.},
number = {1},
journal = {Proceedings on Privacy Enhancing Technologies (PoPETs)},
author = {Riebe, Thea and Biselli, Tom and Kaufhold, Marc-André and Reuter, Christian},
year = {2023},
keywords = {Security, UsableSec, HCI, Projekt-ATHENE-FANCY, Projekt-CYWARN, A-Paper, AuswahlUsableSec, Ranking-CORE-A},
pages = {477--493},
}
[BibTeX] [Abstract] [Download PDF]
The negotiation of stakeholder values as a collaborative process throughout technology development has been studied extensively within the fields of Computer Supported Cooperative Work and Human-Computer Interaction. Despite their increasing significance for cybersecurity incident response, there is a gap in research on values of importance to the design of open-source intelligence (OSINT) technologies for this purpose. In this paper, we investigate which values and value conflicts emerge due to the application and development of machine learning (ML) based OSINT technologies to assist cyber security incident response operators. For this purpose, we employ a triangulation of methods, consisting of a systematic survey of the technical literature on the development of OSINT artefacts for cybersecurity (N = 73) and an empirical value sensitive design case study, comprising semi-structured interviews with stakeholders (N = 9) as well as a focus group (N = 7) with developers. Based on our results, we identify implications relevant to the research on and design of OSINT artefacts for cybersecurity incident response.
@article{riebe_values_2023,
title = {Values and {Value} {Conflicts} in the {Context} of {OSINT} {Technologies} for {Cybersecurity} {Incident} {Response}: {A} {Value} {Sensitive} {Design} {Perspective}},
url = {https://link.springer.com/article/10.1007/s10606-022-09453-4},
doi = {10.1007/s10606-022-09453-4},
abstract = {The negotiation of stakeholder values as a collaborative process throughout technology development has been studied extensively within the fields of Computer Supported Cooperative Work and Human-Computer Interaction. Despite their increasing significance for cybersecurity incident response, there is a gap in research on values of importance to the design of open-source intelligence (OSINT) technologies for this purpose. In this paper, we investigate which values and value conflicts emerge due to the application and development of machine learning (ML) based OSINT technologies to assist cyber security incident response operators. For this purpose, we employ a triangulation of methods, consisting of a systematic survey of the technical literature on the development of OSINT artefacts for cybersecurity (N = 73) and an empirical value sensitive design case study, comprising semi-structured interviews with stakeholders (N = 9) as well as a focus group (N = 7) with developers. Based on our results, we identify implications relevant to the research on and design of OSINT artefacts for cybersecurity incident response.},
journal = {Computer Supported Cooperative Work: The Journal of Collaborative Computing (JCSCW)},
author = {Riebe, Thea and Bäumler, Julian and Kaufhold, Marc-André and Reuter, Christian},
year = {2023},
keywords = {Student, Security, UsableSec, HCI, Projekt-CYWARN, Projekt-ATHENE-SecUrban, Projekt-CROSSING, A-Paper, Ranking-ImpactFactor, Ranking-CORE-B},
}
2022
[BibTeX] [Abstract] [Download PDF]
In many cases of machine learning, research suggests that the development of training data might have a higher relevance than the choice and modelling of classifiers themselves. Thus, data augmentation methods have been developed to improve classifiers by artificially created training data. In NLP, there is the challenge of establishing universal rules for text transformations which provide new linguistic patterns. In this paper, we present and evaluate a text generation method suitable to increase the performance of classifiers for long and short texts. We achieved promising improvements when evaluating short as well as long text tasks with the enhancement by our text generation method. Especially with regard to small data analytics, additive accuracy gains of up to 15.53\% and 3.56\% are achieved within a constructed low data regime, compared to the no augmentation baseline and another data augmentation technique. As the current track of these constructed regimes is not universally applicable, we also show major improvements in several real world low data tasks (up to +4.84 F1-score). Since we are evaluating the method from many perspectives (in total 11 datasets), we also observe situations where the method might not be suitable. We discuss implications and patterns for the successful application of our approach on different types of datasets.
@article{bayer_data_2022,
title = {Data {Augmentation} in {Natural} {Language} {Processing}: {A} {Novel} {Text} {Generation} {Approach} for {Long} and {Short} {Text} {Classifiers}},
url = {https://link.springer.com/article/10.1007/s13042-022-01553-3},
doi = {10.1007/s13042-022-01553-3},
abstract = {In many cases of machine learning, research suggests that the development of training data might have a higher relevance than the choice and modelling of classifiers themselves. Thus, data augmentation methods have been developed to improve classifiers by artificially created training data. In NLP, there is the challenge of establishing universal rules for text transformations which provide new linguistic patterns. In this paper, we present and evaluate a text generation method suitable to increase the performance of classifiers for long and short texts. We achieved promising improvements when evaluating short as well as long text tasks with the enhancement by our text generation method. Especially with regard to small data analytics, additive accuracy gains of up to 15.53\% and 3.56\% are achieved within a constructed low data regime, compared to the no augmentation baseline and another data augmentation technique. As the current track of these constructed regimes is not universally applicable, we also show major improvements in several real world low data tasks (up to +4.84 F1-score). Since we are evaluating the method from many perspectives (in total 11 datasets), we also observe situations where the method might not be suitable. We discuss implications and patterns for the successful application of our approach on different types of datasets.},
journal = {International Journal of Machine Learning and Cybernetics (IJMLC)},
author = {Bayer, Markus and Kaufhold, Marc-André and Buchhold, Björn and Keller, Marcel and Dallmeyer, Jörg and Reuter, Christian},
year = {2022},
keywords = {Student, Security, Projekt-CYWARN, Projekt-emergenCITY, A-Paper, Ranking-ImpactFactor},
}
[BibTeX] [Abstract] [Download PDF]
Concise instruments to determine privacy personas – typical privacy-related user groups – are not available at present. Consequently, we aimed to identify them on a privacy knowledge–privacy behavior ratio based on a self-developed instrument. To achieve this, we conducted an item analysis (N = 820) and a confirmatory factor analysis (CFA) (N = 656) of data based on an online study with German participants. Starting with 81 items, we reduced those to an eleven-item questionnaire with the two scales privacy knowledge and privacy behavior. A subsequent cluster analysis (N = 656) revealed three distinct user groups: (1) Fundamentalists scoring high in privacy knowledge and behavior, (2) Pragmatists scoring average in privacy knowledge and behavior and (3) Unconcerned scoring low in privacy knowledge and behavior. In a closer inspection of the questionnaire, the CFAs supported the model with a close global fit based on RMSEA in a training and to a lesser extent in a cross-validation sample. Deficient local fit as well as validity and reliability coefficients well below generally accepted thresholds, however, revealed that the questionnaire in its current form cannot be considered a suitable measurement instrument for determining privacy personas. The results are discussed in terms of related persona conceptualizations, the importance of a methodologically sound investigation of corresponding privacy dimensions and our lessons learned.
@article{biselli_challenges_2022,
title = {On the {Challenges} of {Developing} a {Concise} {Questionnaire} to {Identify} {Privacy} {Personas}},
url = {https://petsymposium.org/2022/files/papers/issue4/popets-2022-0126.pdf},
doi = {10.56553/popets-2022-0126},
abstract = {Concise instruments to determine privacy personas – typical privacy-related user groups – are not available at present. Consequently, we aimed to identify them on a privacy knowledge–privacy behavior ratio based on a self-developed instrument. To achieve this, we conducted an item analysis (N = 820) and a confirmatory factor analysis (CFA) (N = 656) of data based on an online study with German participants. Starting with 81 items, we reduced those to an eleven-item questionnaire with the two scales privacy knowledge and privacy behavior. A subsequent cluster analysis (N = 656) revealed three distinct user groups: (1) Fundamentalists scoring high in privacy knowledge and behavior, (2) Pragmatists scoring average in privacy knowledge and behavior and (3) Unconcerned scoring low in privacy knowledge and behavior. In a closer inspection of the questionnaire, the CFAs supported the model with a close global fit based on RMSEA in a training and to a lesser extent in a cross-validation sample. Deficient local fit as well as validity and reliability coefficients well below generally accepted thresholds, however, revealed that the questionnaire in its current form cannot be considered a suitable measurement instrument for determining privacy personas. The results are discussed in terms of related persona conceptualizations, the importance of a methodologically sound investigation of corresponding privacy dimensions and our lessons learned.},
number = {4},
journal = {Proceedings on Privacy Enhancing Technologies (PoPETs)},
author = {Biselli, Tom and Steinbrink, Enno and Herbert, Franziska and Schmidbauer-Wolf, Gina Maria and Reuter, Christian},
year = {2022},
keywords = {Security, UsableSec, HCI, Projekt-ATHENE-FANCY, Projekt-CROSSING, A-Paper, AuswahlUsableSec, Ranking-CORE-A, Projekt-GRKPrivacy},
pages = {645--669},
}
[BibTeX] [Abstract] [Download PDF]
The backbone network of submarine communication cables (SCC) carries 98\% of international internet traffic. Coastal and island states strongly depend on this physical internet infrastructure to provide internet connectivity. Although about 100 SCC breakdowns of human or natural origin occur at yearly average, a literature review reveals that there is no approach to assess individual state vulnerability to SCC failure in global comparison. In this article, the global SCC network is modeled based on publicly available data. Besides the analysis of the global network properties, a focus is put on remaining bandwidth capacities in three different failure scenario simulations of SCC breakdowns. As a result, this study identifies 15 highly vulnerable states and overseas territories, and another 28 territories that are classified as partially vulnerable to SCC failures. Since economic market decisions shape the structure of the SCC network, an uneven distribution of redundancies and the resulting vulnerability of disadvantaged economies can be confirmed. Therefore, the study’s findings may contribute to a better assessment of the necessity of preventive protection measures of critical telecommunication infrastructures in states and territories characterized by high and medium vulnerability.
@article{franken_digital_2022,
title = {The {Digital} {Divide} in {State} {Vulnerability} to {Submarine} {Communications} {Cable} {Failure}},
volume = {38},
url = {https://peasec.de/paper/2022/2022_FrankenReinholdReichertReuter_DigitalDivideStateVulnerabilitySubmarineCommunicationsCable_IJCIP.pdf},
doi = {10.1016/j.ijcip.2022.100522},
abstract = {The backbone network of submarine communication cables (SCC) carries 98\% of international internet traffic. Coastal and island states strongly depend on this physical internet infrastructure to provide internet connectivity. Although about 100 SCC breakdowns of human or natural origin occur at yearly average, a literature review reveals that there is no approach to assess individual state vulnerability to SCC failure in global comparison. In this article, the global SCC network is modeled based on publicly available data. Besides the analysis of the global network properties, a focus is put on remaining bandwidth capacities in three different failure scenario simulations of SCC breakdowns. As a result, this study identifies 15 highly vulnerable states and overseas territories, and another 28 territories that are classified as partially vulnerable to SCC failures. Since economic market decisions shape the structure of the SCC network, an uneven distribution of redundancies and the resulting vulnerability of disadvantaged economies can be confirmed. Therefore, the study's findings may contribute to a better assessment of the necessity of preventive protection measures of critical telecommunication infrastructures in states and territories characterized by high and medium vulnerability.},
number = {100522},
journal = {International Journal of Critical Infrastructure Protection (IJCIP)},
author = {Franken, Jonas and Reinhold, Thomas and Reichert, Lilian and Reuter, Christian},
year = {2022},
keywords = {Student, Projekt-AgriRegio, Security, Projekt-ATHENE-SecUrban, A-Paper, Selected, Ranking-ImpactFactor, AuswahlPeace},
pages = {1--15},
}
[BibTeX] [Abstract] [Download PDF]
Nudging users to keep them secure online has become a growing research field in cybersecurity. While existing approaches are mainly blackbox based, showing aggregated visualisations as one-size-fits-all nudges, personalisation turned out promising to enhance the efficacy of nudges within the high variance of users and contexts. This article presents a disaggregated whitebox-based visualisation of critical information as a novel nudge. By segmenting users according to their decision-making and information processing styles, we investigate if the novel nudge is more effective for specific users than a common black-box nudge. Based on existing literature about critical factors in password security, we designed a dynamic radar chart and parallel coordinates as disaggregated visualisations. We evaluated the short-term effectiveness and users‘ perception of the nudges in a think-aloud prestudy and a representative online evaluation (N=1.012). Our findings suggest that dynamic radar charts present a moderately effective nudge towards stronger passwords regarding short-term efficacy and are appreciated particularly by players of role-playing games.
@article{hartwig_nudging_2022,
title = {Nudging {Users} {Towards} {Better} {Security} {Decisions} in {Password} {Creation} {Using} {Whitebox}-based {Multidimensional} {Visualizations}},
volume = {41},
url = {https://peasec.de/paper/2022/2022_HartwigReuter_WhiteboxMultidimensionalNudges_BIT.pdf},
doi = {10.1080/0144929X.2021.1876167},
abstract = {Nudging users to keep them secure online has become a growing research field in cybersecurity. While existing approaches are mainly blackbox based, showing aggregated visualisations as one-size-fits-all nudges, personalisation turned out promising to enhance the efficacy of nudges within the high variance of users and contexts. This article presents a disaggregated whitebox-based visualisation of critical information as a novel nudge. By segmenting users according to their decision-making and information processing styles, we investigate if the novel nudge is more effective for specific users than a common black-box nudge. Based on existing literature about critical factors in password security, we designed a dynamic radar chart and parallel coordinates as disaggregated visualisations. We evaluated the short-term effectiveness and users' perception of the nudges in a think-aloud prestudy and a representative online evaluation (N=1.012). Our findings suggest that dynamic radar charts present a moderately effective nudge towards stronger passwords regarding short-term efficacy and are appreciated particularly by players of role-playing games.},
number = {7},
journal = {Behaviour \& Information Technology (BIT)},
author = {Hartwig, Katrin and Reuter, Christian},
year = {2022},
keywords = {Security, UsableSec, HCI, Projekt-ATHENE-FANCY, Projekt-CROSSING, A-Paper, AuswahlUsableSec, Selected, Ranking-CORE-A, Ranking-ImpactFactor},
pages = {1357--1380},
}
[BibTeX] [Abstract] [Download PDF]
Besides the merits of increasing digitization and networking, societies are increasling exposed to cyberattacks. In Germany, Computer Emerrgency Response Teams (CERTs) of the public sector operate on federal and state level to provide preventative and reactive information security services for authorities, citizens, and enterprises. Their tasks of monitoring, analyzing, and communicating threats is getting more complex by the increasing information quantity disseminated into relevant public channels. Using the lens of design science research, this paper contributes with the design and evaluation of a cross-platform cybersecurity dashboard for CERTs. Based on expert scenario-based walkthroughs in combination with semi-structured interviews (N=12), it discusses six design implications, including the customizability of data sources and filtering of displayed entities, modular integration of additional information sources, interrelation between different information feeds, intelligent algorithms for content assessment and filtering, integration with security software and systems, as well as export, sharing and communication of relevant data.
@inproceedings{kaufhold_cyber_2022,
address = {Timisoara, Romania},
title = {Cyber {Threat} {Observatory}: {Design} and {Evaluation} of an {Interactive} {Dashboard} for {Computer} {Emergency} {Response} {Teams}},
url = {http://www.peasec.de/paper/2022/2022_KaufholdBasyurtEyilmezStoettingerReuter_CyberThreatObservatory_ECIS.pdf},
abstract = {Besides the merits of increasing digitization and networking, societies are increasling exposed to cyberattacks. In Germany, Computer Emerrgency Response Teams (CERTs) of the public sector operate on federal and state level to provide preventative and reactive information security services for authorities, citizens, and enterprises. Their tasks of monitoring, analyzing, and communicating threats is getting more complex by the increasing information quantity disseminated into relevant public channels. Using the lens of design science research, this paper contributes with the design and evaluation of a cross-platform cybersecurity dashboard for CERTs. Based on expert scenario-based walkthroughs in combination with semi-structured interviews (N=12), it discusses six design implications, including the customizability of data sources and filtering of displayed entities, modular integration of additional information sources, interrelation between different information feeds, intelligent algorithms for content assessment and filtering, integration with security software and systems, as well as export, sharing and communication of relevant data.},
booktitle = {Proceedings of the {European} {Conference} on {Information} {Systems} ({ECIS})},
author = {Kaufhold, Marc-André and Basyurt, Ali Sercan and Eyilmez, Kaan and Stöttinger, Marc and Reuter, Christian},
year = {2022},
keywords = {Security, UsableSec, HCI, Projekt-CYWARN, Projekt-ATHENE-SecUrban, A-Paper, Ranking-CORE-A},
}
[BibTeX] [Abstract] [Download PDF]
Agriculture is subject to high demands regarding resilience as it is an essential component of the food production chain. In the agricultural sector, there is an increasing usage of digital tools that rely on communication and energy infrastructures. Should disruption occur, such strengthened dependencies on other infrastructures increase the probability of ripple effects. Thus, there is a need to analyze the resilience of the agricultural sector with a specific focus on the effects of digitalization. This study works out resilience capacities of the interconnected technologies used in farm systems based on the experiences and opinions of farmers. Information was gathered through focus group interviews with farmers (N = 52) and a survey with participants from the agricultural sector (N = 118). In particular, the focus is put on the digital tools and other information and communication technologies they use. Based on a definition of resilience capacities, we evaluate resilience regarding energy and communication demands in various types of farm systems. Especially important are the resilience aspects of modern systems’ digital communication as well as the poorly developed and nonresilient network infrastructure in rural areas that contrast with the claim for a resilient agriculture. The result is a low robustness capacity, as our analysis concludes with the risk of food production losses.
@article{kuntke_resilience_2022,
title = {Resilience in {Agriculture}: {Communication} and {Energy} {Infrastructure} {Dependencies} of {German} {Farmers}},
volume = {13},
issn = {2192-6395},
url = {https://link.springer.com/article/10.1007/s13753-022-00404-7},
doi = {10.1007/s13753-022-00404-7},
abstract = {Agriculture is subject to high demands regarding resilience as it is an essential component of the food production chain. In the agricultural sector, there is an increasing usage of digital tools that rely on communication and energy infrastructures. Should disruption occur, such strengthened dependencies on other infrastructures increase the probability of ripple effects. Thus, there is a need to analyze the resilience of the agricultural sector with a specific focus on the effects of digitalization. This study works out resilience capacities of the interconnected technologies used in farm systems based on the experiences and opinions of farmers. Information was gathered through focus group interviews with farmers (N = 52) and a survey with participants from the agricultural sector (N = 118). In particular, the focus is put on the digital tools and other information and communication technologies they use. Based on a definition of resilience capacities, we evaluate resilience regarding energy and communication demands in various types of farm systems. Especially important are the resilience aspects of modern systems’ digital communication as well as the poorly developed and nonresilient network infrastructure in rural areas that contrast with the claim for a resilient agriculture. The result is a low robustness capacity, as our analysis concludes with the risk of food production losses.},
number = {2},
journal = {International Journal of Disaster Risk Science (IJDRS)},
author = {Kuntke, Franz and Linsner, Sebastian and Steinbrink, Enno and Franken, Jonas and Reuter, Christian},
month = apr,
year = {2022},
keywords = {Projekt-AgriRegio, Projekt-GeoBox, RSF, Security, A-Paper, Selected, Ranking-ImpactFactor, Projekt-HyServ, Ranking-CORE-B, Projekt-GRKPrivacy},
pages = {214--229},
}
[BibTeX] [Abstract] [Download PDF]
The Internet of Things (IoT) is a major trend that is seen as a great opportunity to improve efficiency in many domains, including agriculture. This technology could transform the sector, improving the management and quality of agricultural operations, for example, crop farming. The most promising data transmission standard for this domain seems to be Long Range Wide Area Network (LoRaWAN), a popular representative of low power wide area network technologies today. LoRaWAN, like any wireless protocol, has properties that can be exploited by attackers, which has been a topic of multiple research papers in recent years. By conducting a systematic literature review, we build a recent list of attacks, as well as collect mitigation options. Taking a look at a concrete use case (IoT in agriculture) allows us to evaluate the practicality of both exploiting the vulnerabilities and implementing the countermeasures. We detected 16 attacks that we grouped into six attack types. Along with the attacks, we collect countermeasures for attack mitigation. Developers can use our findings to minimize the risks when developing applications based on LoRaWAN. These mostly theoretical security recommendations should encourage future works to evaluate the mitigations in practice.
@article{kuntke_lorawan_2022,
title = {{LoRaWAN} {Security} {Issues} and {Mitigation} {Options} by the {Example} of {Agricultural} {IoT} {Scenarios}},
volume = {33},
issn = {2161-3915},
url = {https://www.peasec.de/paper/2022/2022_KuntkeRomanenkoLinsnerSteinbrinkReuter_LoRaWANsecurityAgriculture_ETT.pdf},
doi = {10.1002/ett.4452},
abstract = {The Internet of Things (IoT) is a major trend that is seen as a great opportunity to improve efficiency in many domains, including agriculture. This technology could transform the sector, improving the management and quality of agricultural operations, for example, crop farming. The most promising data transmission standard for this domain seems to be Long Range Wide Area Network (LoRaWAN), a popular representative of low power wide area network technologies today. LoRaWAN, like any wireless protocol, has properties that can be exploited by attackers, which has been a topic of multiple research papers in recent years. By conducting a systematic literature review, we build a recent list of attacks, as well as collect mitigation options. Taking a look at a concrete use case (IoT in agriculture) allows us to evaluate the practicality of both exploiting the vulnerabilities and implementing the countermeasures. We detected 16 attacks that we grouped into six attack types. Along with the attacks, we collect countermeasures for attack mitigation. Developers can use our findings to minimize the risks when developing applications based on LoRaWAN. These mostly theoretical security recommendations should encourage future works to evaluate the mitigations in practice.},
number = {5},
journal = {Transactions on Emerging Telecommunications Technologies (ETT)},
author = {Kuntke, Franz and Romanenko, Vladimir and Linsner, Sebastian and Steinbrink, Enno and Reuter, Christian},
month = may,
year = {2022},
keywords = {Student, Projekt-AgriRegio, Projekt-GeoBox, RSF, Security, A-Paper, Ranking-ImpactFactor, Projekt-HyServ, Projekt-GRKPrivacy},
pages = {e4452},
}
[BibTeX] [Abstract] [Download PDF]
Business collaboration in the era of digital transformation requires the exchange of operational data. Since data are hardly controllable once they have been published or shared with others, it is highly important that users are clearly informed about who has access to which data and how certain settings can prevent the disclosure of sensitive data. However, giving end users more control over their data through increased transparency could also lead to information overload. This is particularly true in the field of agriculture, where tight schedules put pressure on employees of small enterprises. We conduct an empirical prestudy with 52 German farmers to investigate current data sharing scenarios. From these insights, we derive requirements and a concept for data sharing solutions providing data flow transparency for users. To investigate the behavior of users and the effects of transparent UI controls, we evaluate a prototype with 18 persons. Our evaluation shows that farmers demand flexible and secure tools that adjust to their workflows. Also, data should be stored and processed locally, granting farmers data sovereignty. Although the controls require additional effort, the evaluated transparent controls for data disclosure are easy to use and raise user awareness.
@article{linsner_supporting_2022,
title = {Supporting {Users} in {Data} {Disclosure} {Scenarios} in {Agriculture} through {Transparency}},
volume = {41},
url = {http://www.peasec.de/paper/2022/2022_LinsnerSteinbrinkKuntkeFrankenReuter_SupportingDataDisclosureScenariosAgriculture_BIT.pdf},
doi = {10.1080/0144929X.2022.2068070},
abstract = {Business collaboration in the era of digital transformation requires the exchange of operational data. Since data are hardly controllable once they have been published or shared with others, it is highly important that users are clearly informed about who has access to which data and how certain settings can prevent the disclosure of sensitive data. However, giving end users more control over their data through increased transparency could also lead to information overload. This is particularly true in the field of agriculture, where tight schedules put pressure on employees of small enterprises. We conduct an empirical prestudy with 52 German farmers to investigate current data sharing scenarios. From these insights, we derive requirements and a concept for data sharing solutions providing data flow transparency for users. To investigate the behavior of users and the effects of transparent UI controls, we evaluate a prototype with 18 persons. Our evaluation shows that farmers demand flexible and secure tools that adjust to their workflows. Also, data should be stored and processed locally, granting farmers data sovereignty. Although the controls require additional effort, the evaluated transparent controls for data disclosure are easy to use and raise user awareness.},
number = {10},
journal = {Behaviour \& Information Technology (BIT)},
author = {Linsner, Sebastian and Steinbrink, Enno and Kuntke, Franz and Franken, Jonas and Reuter, Christian},
year = {2022},
keywords = {Projekt-AgriRegio, RSF, Security, UsableSec, A-Paper, Ranking-CORE-A, Ranking-ImpactFactor, Projekt-HyServ, Projekt-GRKPrivacy},
pages = {2137--2159},
}
[BibTeX] [Abstract] [Download PDF]
Within CSCW and HCI, an increasing body of literature has been demonstrating the essential relevance of infrastructures and infrastructuring to the work of people engaging in technologically mediated nomadicity. Tech Nomads – or T-Nomads, as they are sometimes called – not only rely on technological, human, and environmental infrastructural components – such as Wi-Fi, technical support, space, and basic resources such as light and power outlets – but they also have to engage in infrastructuring to mobilise their workplaces and effectively accomplish work in and across different locations. In this article, we bring an infrastructuring perspective to understanding nomadic practices concerning the organisation of complex collaborative events. We introduce findings from a long-term investigation focusing on how infrastructures are re-instantiated with the help of digital technologies, according to emerging demands from T-Nomads. Our findings demonstrate the need for a ‘nonessentialist’ approach to nomadicity, one which recognises the character of nomadic work and its varied aspects in different contexts. We extend the infrastructuring literature by demonstrating how infrastructuring work is done in a complex collaborative initiative, as the organisation of the annual European Social Forum.
@article{pinatti_de_carvalho_understanding_2022,
title = {Understanding {Nomadic} {Practices} of {Social} {Activist} {Networks} through the {Lens} of {Infrastructuring}: {The} {Case} of the {European} {Social} {Forum}},
url = {https://link.springer.com/article/10.1007/s10606-022-09442-7},
doi = {10.1007/s10606-022-09442-7},
abstract = {Within CSCW and HCI, an increasing body of literature has been demonstrating the essential relevance of infrastructures and infrastructuring to the work of people engaging in technologically mediated nomadicity. Tech Nomads – or T-Nomads, as they are sometimes called – not only rely on technological, human, and environmental infrastructural components – such as Wi-Fi, technical support, space, and basic resources such as light and power outlets – but they also have to engage in infrastructuring to mobilise their workplaces and effectively accomplish work in and across different locations. In this article, we bring an infrastructuring perspective to understanding nomadic practices concerning the organisation of complex collaborative events. We introduce findings from a long-term investigation focusing on how infrastructures are re-instantiated with the help of digital technologies, according to emerging demands from T-Nomads. Our findings demonstrate the need for a ‘nonessentialist’ approach to nomadicity, one which recognises the character of nomadic work and its varied aspects in different contexts. We extend the infrastructuring literature by demonstrating how infrastructuring work is done in a complex collaborative initiative, as the organisation of the annual European Social Forum.},
journal = {Computer Supported Cooperative Work: The Journal of Collaborative Computing (JCSCW)},
author = {Pinatti De Carvalho, Aparecido Fabiano and Saeed, Saqib and Reuter, Christian and Rohde, Markus and Randall, Dave and Pipek, Volkmar and Wulf, Volker},
year = {2022},
keywords = {Crisis, HCI, A-Paper, Ranking-ImpactFactor},
}
[BibTeX] [Abstract] [Download PDF]
The revelation of the Stuxnet malware in 2010 shed light on the presence of state actors that are willing and capable of developing and using highly sophisticated, specialized malicious software for their political interests. These tools -often dubbed cyber weapons -are expected to become the next major advancement in weaponry technology. Besides the threats of offensive cyber operations for civil IT systems due to the interconnected nature of the cyberspace, international regulation of cyber weapons is -among other aspects -hindered by the fact that the military development and the strategic and tactical deployment of cyber weapons differ significantly from other weapons technologies. In order to establish measures of cyber arms related control treaties, it is crucial to identify these particular characteristics. Based on this premise, the article analyzes the current perspectives on cyber weapons, identifying their weaknesses of being either based on assumptions about adversarial actors or being applicable only after the usage of a malicious tool. In contrast to these approaches, the article focuses on the specific functional aspects of malware and presents an indicator-based assessment model based on parameters that can be measured prior to the application of malicious software. This enables the categorization of malicious tools as cyber weapons. Besides this, the article aims to introduce thought-provoking impulses with regard to social responsibility in computer science.
@article{reinhold_towards_2022,
title = {Towards a {Cyber} {Weapons} {Assessment} {Model} – {Assessment} of the {Technical} {Features} of {Malicious} {Software}},
volume = {3},
issn = {2637-6415},
url = {https://peasec.de/paper/2021/2021_ReinholdReuter_CyberWeapons_IEEETransactionsTechnologySociety.pdf},
doi = {10.1109/TTS.2021.3131817},
abstract = {The revelation of the Stuxnet malware in 2010 shed light on the presence of state actors that are willing and capable of developing and using highly sophisticated, specialized malicious software for their political interests. These tools -often dubbed cyber weapons -are expected to become the next major advancement in weaponry technology. Besides the threats of offensive cyber operations for civil IT systems due to the interconnected nature of the cyberspace, international regulation of cyber weapons is -among other aspects -hindered by the fact that the military development and the strategic and tactical deployment of cyber weapons differ significantly from other weapons technologies. In order to establish measures of cyber arms related control treaties, it is crucial to identify these particular characteristics. Based on this premise, the article analyzes the current perspectives on cyber weapons, identifying their weaknesses of being either based on assumptions about adversarial actors or being applicable only after the usage of a malicious tool. In contrast to these approaches, the article focuses on the specific functional aspects of malware and presents an indicator-based assessment model based on parameters that can be measured prior to the application of malicious software. This enables the categorization of malicious tools as cyber weapons. Besides this, the article aims to introduce thought-provoking impulses with regard to social responsibility in computer science.},
language = {en},
number = {3},
journal = {IEEE Transactions on Technology and Society},
author = {Reinhold, Thomas and Reuter, Christian},
month = sep,
year = {2022},
keywords = {Peace, Projekt-ATHENE-SecUrban, A-Paper, Ranking-ImpactFactor, Cyberwar, AuswahlPeace},
pages = {226--239},
}
[BibTeX] [Download PDF]
@book{reuter_special_2022,
title = {Special {Issue} on {Usable} {Security} and {Privacy} with {User}-{Centered} {Interventions} and {Transparency} {Mechanisms} - {Behaviour} \& {Information} {Technology} ({BIT})},
url = {https://www.tandfonline.com/toc/tbit20/41/10?nav=tocList},
publisher = {Taylor \& Francis},
author = {Reuter, Christian and Lo Iacono, Luigi and Benlian, Alexander},
year = {2022},
note = {Publication Title: Behaviour \& Information Technology (BIT)},
keywords = {Peace, UsableSec, Crisis, HCI, A-Paper, Ranking-CORE-A, Ranking-ImpactFactor, SocialMedia},
}
[BibTeX] [Abstract] [Download PDF]
In the last decades, research has shown that both technical solutions and user perceptions are important to improve security and privacy in the digital realm. The field of ‘usable security’ already started to emerge in the mid-90s, primarily focussed on password and email security. Later on, the research field of ”usable security and privacy” evolved and broadened the aim to design concepts and tools to assist users in enhancing their behaviour with regard to both privacy and security. Nevertheless, many user interventions are not as effective as desired. Because of highly diverse usage contexts, leading to different privacy and security requirements and not always to one-size-fits-all approaches, tailorability is necessary to address this issue. Furthermore, transparency is a crucial requirement, as providing comprehensible information may counter reactance towards security interventions. This article first provides a brief history of the research field in its first quarter-century and then highlights research on the transparency and tailorability of user interventions. Based on this, this article then presents six contributions with regard to (1) privacy concerns in times of COVID-19, (2) authentication on mobile devices, (3) GDPR-compliant data management, (4) privacy notices on websites, (5) data disclosure scenarios in agriculture, as well as (6) rights under data protection law and the concrete process should data subjects want to claim those rights. This article concludes with several research directions on user-centred transparency and tailorability.
@article{reuter_quarter_2022,
title = {A {Quarter} {Century} of {Usable} {Security} and {Privacy} {Research}: {Transparency}, {Tailorability}, and the {Road} {Ahead}},
volume = {41},
issn = {0144-929X},
url = {https://www.tandfonline.com/toc/tbit20/41/10},
doi = {10.1080/0144929X.2022.2080908},
abstract = {In the last decades, research has shown that both technical solutions and user perceptions are important to improve security and privacy in the digital realm. The field of ‘usable security’ already started to emerge in the mid-90s, primarily focussed on password and email security. Later on, the research field of ”usable security and privacy” evolved and broadened the aim to design concepts and tools to assist users in enhancing their behaviour with regard to both privacy and security. Nevertheless, many user interventions are not as effective as desired. Because of highly diverse usage contexts, leading to different privacy and security requirements and not always to one-size-fits-all approaches, tailorability is necessary to address this issue. Furthermore, transparency is a crucial requirement, as providing comprehensible information may counter reactance towards security interventions. This article first provides a brief history of the research field in its first quarter-century and then highlights research on the transparency and tailorability of user interventions. Based on this, this article then presents six contributions with regard to (1) privacy concerns in times of COVID-19, (2) authentication on mobile devices, (3) GDPR-compliant data management, (4) privacy notices on websites, (5) data disclosure scenarios in agriculture, as well as (6) rights under data protection law and the concrete process should data subjects want to claim those rights. This article concludes with several research directions on user-centred transparency and tailorability.},
number = {10},
journal = {Behaviour \& Information Technology (BIT)},
author = {Reuter, Christian and Lo Iacono, Luigi and Benlian, Alexander},
year = {2022},
keywords = {Security, UsableSec, Crisis, HCI, Projekt-ATHENE-SecUrban, Projekt-CROSSING, A-Paper, Ranking-CORE-A, Ranking-ImpactFactor, SocialMedia},
pages = {2035--2048},
}
[BibTeX] [Abstract] [Download PDF]
Artificial Intelligence (AI) seems to be impacting all industry sectors, while becoming a motor for innovation. The diffusion of AI from the civilian sector to the defense sector, and AI’s dual-use potential has drawn attention from security and ethics scholars. With the publication of the ethical guideline Trustworthy AI by the European Union (EU), normative questions on the application of AI have been further evaluated. In order to draw conclusions on Trustworthy AI as a point of reference for responsible research and development (R&D), we approach the diffusion of AI across both civilian and military spheres in the EU. We capture the extent of technological diffusion and derive European and German patent citation networks. Both networks indicate a low degree of diffusion of AI between civilian and defense sectors. A qualitative investigation of project descriptions of a research institute’s work in both civilian and military fields shows that military AI applications stress accuracy or robustness, while civilian AI reflects a focus on human-centric values. Our work represents a first approach by linking processes of technology diffusion with normative evaluations of R&D.
@article{schmid_dual-use_2022,
title = {Dual-{Use} and {Trustworthy}? {A} {Mixed} {Methods} {Analysis} of {AI} {Diffusion} between {Civilian} and {Defense} {R}\&{D}},
volume = {28},
url = {https://peasec.de/paper/2022/2022_SchmidRiebeReuter_DualUseandTrustworthy_ScienceEngineeringEthics.pdf},
doi = {10.1007/s11948-022-00364-7},
abstract = {Artificial Intelligence (AI) seems to be impacting all industry sectors, while becoming a motor for innovation. The diffusion of AI from the civilian sector to the defense sector, and AI’s dual-use potential has drawn attention from security and ethics scholars. With the publication of the ethical guideline Trustworthy AI by the European Union (EU), normative questions on the application of AI have been further evaluated. In order to draw conclusions on Trustworthy AI as a point of reference for responsible research and development (R\&D), we approach the diffusion of AI across both civilian and military spheres in the EU. We capture the extent of technological diffusion and derive European and German patent citation networks. Both networks indicate a low degree of diffusion of AI between civilian and defense sectors. A qualitative investigation of project descriptions of a research institute’s work in both civilian and military fields shows that military AI applications stress accuracy or robustness, while civilian AI reflects a focus on human-centric values. Our work represents a first approach by linking processes of technology diffusion with normative evaluations of R\&D.},
number = {12},
journal = {Science and Engineering Ethics},
author = {Schmid, Stefka and Riebe, Thea and Reuter, Christian},
year = {2022},
keywords = {Peace, Projekt-CYWARN, A-Paper, Ranking-ImpactFactor, AuswahlPeace, Projekt-KontiKat},
pages = {1--23},
}
[BibTeX] [Abstract] [Download PDF]
In the digital age, the vision of autonomous vehicles (AVs) is vibrant. Research is being conducted worldwide to inte-grate AVs into our everyday lives in the future, spending consid-erable amounts of money in the development process. Actors from both engineering as well as social sciences are involved in this re-search, with technical disciplines strongly dominating. In addition to perceived progress of numerous newly developed technologies such as AVs, challenges should also be referred to. According to research analysis, the transferability of autonomous cars to the military sphere seems to be frequently forgotten or ignored (dual-use). Since not much research has been conducted in Germany on the potential deployment of autonomous driving development steps into military domains, 25 semi-structured interviews with de-velopers and researchers and actors involved in the field, were conducted in 2020. The paper identifies that the majority of re-spondents interviewed were aware of general existing dual-use de-bates, however, few had reflected about dual-use issues regarding a possible transfer of their own development processes in the con-text of autonomous driving to military applications, intensively. One reason is the small-scale nature of research, another is the complexity of the field, which enables the engineer’s alienation from their responsibility for the artefacts’ use. Moreover, it has become clear that hardly any conversations among colleagues oc-cur about possible misuse and that no standardized policy guide-lines exist, which provide information about possible risk. To raise dual-use awareness, scientific contributions, risk education, and interdisciplinary discussions are essential.
@article{schwartz_vision_2022,
title = {Vision or {Threat} – {Awareness} for {Dual}-{Use} in the {Development} of {Autonomous} {Driving}},
volume = {3},
issn = {2637-6415},
url = {https://www.peasec.de/paper/2022/2022_SchwartzGuntrumReuter_VisionorThreatAwarenessDualUseAutonomousDriving_IEEE-TTS.pdf},
doi = {10.1109/TTS.2022.3182310},
abstract = {In the digital age, the vision of autonomous vehicles (AVs) is vibrant. Research is being conducted worldwide to inte-grate AVs into our everyday lives in the future, spending consid-erable amounts of money in the development process. Actors from both engineering as well as social sciences are involved in this re-search, with technical disciplines strongly dominating. In addition to perceived progress of numerous newly developed technologies such as AVs, challenges should also be referred to. According to research analysis, the transferability of autonomous cars to the military sphere seems to be frequently forgotten or ignored (dual-use). Since not much research has been conducted in Germany on the potential deployment of autonomous driving development steps into military domains, 25 semi-structured interviews with de-velopers and researchers and actors involved in the field, were conducted in 2020. The paper identifies that the majority of re-spondents interviewed were aware of general existing dual-use de-bates, however, few had reflected about dual-use issues regarding a possible transfer of their own development processes in the con-text of autonomous driving to military applications, intensively. One reason is the small-scale nature of research, another is the complexity of the field, which enables the engineer’s alienation from their responsibility for the artefacts’ use. Moreover, it has become clear that hardly any conversations among colleagues oc-cur about possible misuse and that no standardized policy guide-lines exist, which provide information about possible risk. To raise dual-use awareness, scientific contributions, risk education, and interdisciplinary discussions are essential.},
language = {en},
number = {3},
journal = {IEEE Transactions on Technology and Society},
author = {Schwartz, Sebastian and Guntrum, Laura and Reuter, Christian},
year = {2022},
keywords = {Peace, Projekt-TraCe, Projekt-ATHENE-FANCY, A-Paper, Selected, Ranking-ImpactFactor, AuswahlPeace},
pages = {163--174},
}
2021
[BibTeX] [Abstract] [Download PDF]
Past studies in the domains of information systems have analysed the potentials and barriers of social media in emergencies. While information disseminated in social media can lead to valuable insights, emergency services and researchers face the challenge of information overload as data quickly exceeds the manageable amount. We propose an embedding-based clustering approach and a method for the automated labelling of clusters. Given that the clustering quality is highly dependent on embeddings, we evaluate 19 embedding models with respect to time, internal cluster quality, and language invariance. The results show that it may be sensible to use embedding models that were already trained on other crisis datasets. However, one must ensure that the training data generalizes enough, so that the clustering can adapt to new situations. Confirming this, we found out that some embeddings were not able to perform as well on a German dataset as on an English dataset.
@inproceedings{bayer_information_2021,
title = {Information {Overload} in {Crisis} {Management}: {Bilingual} {Evaluation} of {Embedding} {Models} for {Clustering} {Social} {Media} {Posts} in {Emergencies}},
url = {https://peasec.de/paper/2021/2021_BayerKaufholdReuter_InformationOverloadInCrisisManagementBilingualEvaluation_ECIS.pdf},
abstract = {Past studies in the domains of information systems have analysed the potentials and barriers of social media in emergencies. While information disseminated in social media can lead to valuable insights, emergency services and researchers face the challenge of information overload as data quickly exceeds the manageable amount. We propose an embedding-based clustering approach and a method for the automated labelling of clusters. Given that the clustering quality is highly dependent on embeddings, we evaluate 19 embedding models with respect to time, internal cluster quality, and language invariance. The results show that it may be sensible to use embedding models that were already trained on other crisis datasets. However, one must ensure that the training data generalizes enough, so that the clustering can adapt to new situations. Confirming this, we found out that some embeddings were not able to perform as well on a German dataset as on an English dataset.},
booktitle = {Proceedings of the {European} {Conference} on {Information} {Systems} ({ECIS})},
author = {Bayer, Markus and Kaufhold, Marc-André and Reuter, Christian},
year = {2021},
keywords = {Crisis, Projekt-CYWARN, Projekt-ATHENE-SecUrban, A-Paper, Ranking-CORE-A, SocialMedia},
pages = {1--18},
}
[BibTeX] [Abstract] [Download PDF]
During crises such as the COVID-19 pandemic, people spontaneously initiate support groups, while establishedorganizations like soccer clubs set non-regular goals, both offering help. Interested in the coordination of suchhelp and potential challenges of collaboration, we conducted a virtual ethnography of a multi-level networklocated in Germany. We focused on aims, activities, and technological mediation, with Activity Theory astheoretical framework. Our findings show that the organizational aim of coordinating help was successfullyachieved by connecting heterogeneous actors through digitization and institutionalization. Enabled by thecontext of the COVID-19 pandemic crisis, the network acted virtually, but was also able to integrate analogspaces of help. We identified six crucial implications regarding the use of technology and collaboration forbuilding a successful volunteering network.
@article{haesler_stronger_2021,
title = {Stronger {Together}: {How} {Neighborhood} {Groups} {Build} up a {Virtual} {Network} during the {COVID}-19 {Pandemic}},
volume = {5},
url = {https://peasec.de/paper/2021/2021_HaeslerSchmidVierneiselReuter_StrongerTogetherVirtualNetworkCOVID19_CSCW.pdf},
abstract = {During crises such as the COVID-19 pandemic, people spontaneously initiate support groups, while establishedorganizations like soccer clubs set non-regular goals, both offering help. Interested in the coordination of suchhelp and potential challenges of collaboration, we conducted a virtual ethnography of a multi-level networklocated in Germany. We focused on aims, activities, and technological mediation, with Activity Theory astheoretical framework. Our findings show that the organizational aim of coordinating help was successfullyachieved by connecting heterogeneous actors through digitization and institutionalization. Enabled by thecontext of the COVID-19 pandemic crisis, the network acted virtually, but was also able to integrate analogspaces of help. We identified six crucial implications regarding the use of technology and collaboration forbuilding a successful volunteering network.},
number = {CSCW2},
journal = {Proceedings of the ACM: Human Computer Interaction (PACM): Computer-Supported Cooperative Work and Social Computing},
author = {Haesler, Steffen and Schmid, Stefka and Vierneisel, Annemike Sophia and Reuter, Christian},
year = {2021},
keywords = {Crisis, HCI, Projekt-emergenCITY, Projekt-ATHENE-SecUrban, A-Paper, Selected, AuswahlCrisis, Ranking-CORE-A},
}
[BibTeX] [Abstract] [Download PDF]
Technological progress can disrupt domains and change the way we work and collaborate. This paper presents a qualitative study with 52 German farmers that investigates the impact of the ongoing digitalization process in agriculture and discusses the implications for privacy research. As in other domains, the introduction of digital tools and services leads to the data itself becoming a resource. Sharing this data with products along the supply chain is favored by retailers and consumers, who benefit from traceability through transparency. However, transparency can pose a privacy risk. Having insight into the business data of others along the supply chain provides an advantage in terms of market position. This is particularly true in agriculture, where there is already a significant imbalance of power between actors. A multitude of small and medium-sized farming businesses are opposed by large upstream and downstream players that drive technological innovation. Further weakening the market position of farmers could lead to severe consequences for the entire sector. We found that on the one hand, privacy behaviors are affected by adoption of digitalization, and on the other hand, privacy itself influences adoption of digital tools. Our study sheds light on the emerging challenges for farmers and the role of privacy in the process of digitalization in agriculture.
@article{linsner_role_2021,
title = {The {Role} of {Privacy} in {Digitalization} – {Analysing} the {German} {Farmers}' {Perspective}},
volume = {2021},
url = {https://www.petsymposium.org/2021/files/papers/issue3/popets-2021-0050.pdf},
doi = {10.2478/popets-2021-0050},
abstract = {Technological progress can disrupt domains
and change the way we work and collaborate. This paper presents a qualitative study with 52 German farmers
that investigates the impact of the ongoing digitalization process in agriculture and discusses the implications for privacy research. As in other domains, the introduction of digital tools and services leads to the data
itself becoming a resource. Sharing this data with products along the supply chain is favored by retailers and
consumers, who benefit from traceability through transparency. However, transparency can pose a privacy risk.
Having insight into the business data of others along the
supply chain provides an advantage in terms of market
position. This is particularly true in agriculture, where
there is already a significant imbalance of power between actors. A multitude of small and medium-sized
farming businesses are opposed by large upstream and
downstream players that drive technological innovation.
Further weakening the market position of farmers could
lead to severe consequences for the entire sector. We
found that on the one hand, privacy behaviors are affected by adoption of digitalization, and on the other
hand, privacy itself influences adoption of digital tools.
Our study sheds light on the emerging challenges for
farmers and the role of privacy in the process of digitalization in agriculture.},
number = {3},
journal = {Proceedings on Privacy Enhancing Technologies (PoPETs)},
author = {Linsner, Sebastian and Kuntke, Franz and Steinbrink, Enno and Franken, Jonas and Reuter, Christian},
year = {2021},
keywords = {Projekt-GeoBox, Security, UsableSec, HCI, A-Paper, AuswahlUsableSec, Selected, Ranking-CORE-A, Ranking-ImpactFactor, Projekt-HyServ, Projekt-GRKPrivacy},
pages = {334--350},
}
[BibTeX] [Abstract] [Download PDF]
Besides the merits of increasing digitization and interconnectedness in private and professional spaces, critical infrastructures and societies are more and more exposed to cyberattacks. In order to enhance the preventative and reactive capabilities against cyberattacks, Computer Emergency Response Teams (CERTs) are deployed in many countries and organizations. In Germany, CERTs in the public sector operate on federal and state level to provide information security services for authorities, citizens, and enterprises. Their tasks of monitoring, analyzing, and communicating threats and incidents is getting more complex due to the increasing amount of information disseminated into public channels. By adopting the perspectives of Computer-Supported Cooperative Work (CSCW) and Crisis Informatics, we contribute to the study of organizational structures, technology use, and the impact on collaborative practices in and between state CERTs with empirical research based on expert interviews with representatives of German state CERTs (N=15) and supplementary document analyses (N=25). We derive design and policy implications from our findings, including the need for interoperable and modular architecture, a shift towards service level agreements, cross-platform monitoring and analysis of incident data, use of deduplication techniques and standardized threat exchange formats, a reduction of resource costs through process automation, and transparent reporting and tool structures for information exchange.
@article{riebe_impact_2021,
title = {The {Impact} of {Organizational} {Structure} and {Technology} {Use} on {Collaborative} {Practices} in {Computer} {Emergency} {Response} {Teams}: {An} {Empirical} {Study}},
volume = {5},
url = {https://www.peasec.de/paper/2021/2021_RiebeKaufholdReuter_ComputerEmegencyResponseTeams_CSCW.pdf},
doi = {10.1145/3479865},
abstract = {Besides the merits of increasing digitization and interconnectedness in private and professional spaces, critical infrastructures and societies are more and more exposed to cyberattacks. In order to enhance the preventative and reactive capabilities against cyberattacks, Computer Emergency Response Teams (CERTs) are deployed in many countries and organizations. In Germany, CERTs in the public sector operate on federal and state level to provide information security services for authorities, citizens, and enterprises. Their tasks of monitoring, analyzing, and communicating threats and incidents is getting more complex due to the increasing amount of information disseminated into public channels. By adopting the perspectives of Computer-Supported Cooperative Work (CSCW) and Crisis Informatics, we contribute to the study of organizational structures, technology use, and the impact on collaborative practices in and between state CERTs with empirical research based on expert interviews with representatives of German state CERTs (N=15) and supplementary document analyses (N=25). We derive design and policy implications from our findings, including the need for interoperable and modular architecture, a shift towards service level agreements, cross-platform monitoring and analysis of incident data, use of deduplication techniques and standardized threat exchange formats, a reduction of resource costs through process automation, and transparent reporting and tool structures for information exchange.},
number = {CSCW2},
journal = {Proceedings of the ACM: Human Computer Interaction (PACM): Computer-Supported Cooperative Work and Social Computing},
author = {Riebe, Thea and Kaufhold, Marc-André and Reuter, Christian},
year = {2021},
keywords = {Security, UsableSec, Crisis, Projekt-CYWARN, Projekt-ATHENE-SecUrban, A-Paper, AuswahlKaufhold, AuswahlUsableSec, Ranking-CORE-A, Projekt-KontiKat},
}
[BibTeX] [Abstract] [Download PDF]
Spillover effects describe the process of a company benefiting from the R&D activities of another one and thereby gaining an economic advantage. One prominent approach for measuring spillover effects is based on the analysis of patent citation networks. Taking social media analytics and knowledge economics into account, this paper presents a complementary approach to quantify spillover effects from defense to civilian research and development, analyzing 513 employment biographies from the social network LinkedIn. Using descriptive network analysis, we investigate the emigration of personnel of the German defense industry to other civilian producers. Thereby, our study reveals that in the last decade, employees of defense suppliers have changed positions significantly less often, with 3.24 changes on average than professionals who have worked more than 50\% of their jobs in the civilian sector, having changed 4.61 times on average. Our work illustrates the churn behavior and how spillover effects between defense and civilian sectors can be measured using social career networks such as LinkedIn.
@article{riebe_measuring_2021,
title = {Measuring {Spillover} {Effects} from {Defense} to {Civilian} {Sectors} – {A} {Quantitative} {Approach} {Using} {LinkedIn}},
volume = {32},
url = {https://peasec.de/paper/2021/2021_RiebeSchmidReuter_SpilloverEffectsDefensetoCivilianLinkedIn_PDE.pdf},
doi = {10.1080/10242694.2020.1755787},
abstract = {Spillover effects describe the process of a company benefiting from the R\&D activities of another one and thereby gaining an economic advantage. One prominent approach for measuring spillover effects is based on the analysis of patent citation networks. Taking social media analytics and knowledge economics into account, this paper presents a complementary approach to quantify spillover effects from defense to civilian research and development, analyzing 513 employment biographies from the social network LinkedIn. Using descriptive network analysis, we investigate the emigration of personnel of the German defense industry to other civilian producers. Thereby, our study reveals that in the last decade, employees of defense suppliers have changed positions significantly less often, with 3.24 changes on average than professionals who have worked more than 50\% of their jobs in the civilian sector, having changed 4.61 times on average. Our work illustrates the churn behavior and how spillover effects between defense and civilian sectors can be measured using social career networks such as LinkedIn.},
number = {7},
journal = {Defence and Peace Economics},
author = {Riebe, Thea and Schmid, Stefka and Reuter, Christian},
year = {2021},
keywords = {Peace, Projekt-ATHENE-SecUrban, A-Paper, Selected, Ranking-ImpactFactor, Cyberwar, AuswahlPeace, Projekt-DualUse},
pages = {773--785},
}
[BibTeX] [Abstract] [Download PDF]
Since 2015, an increased number of asylum seekers is coming to Europe. These migration movements increasingly rely on digital infrastructure, such as mobile internet access and online services, in order to reach their targeted destination countries. Asylum seekers often use smartphones for information and communication purposes. Even though there are many positive aspects in the use of such technologies, researchers have to consider the perceived risks of this specific user group. This work aims at investigating the use of mobile information technologies by asylum seekers during their flight, especially taking privacy into account. Thus, it examines asylum seekers’ digital privacy perceptions and identifies privacy protection behaviors by conducting a qualitative interview study with 14 asylum seekers who applied for asylum in Germany. The results show that asylum seekers are often aware of the various risks deriving from the use of smartphones and ICT, such as surveillance and persecution by state or non-state actors as well as extortion by criminals. Based on this, this work furthermore outlines different strategies used to manage these risks. Since the lack of privacy and trust leads to avoidance behavior, the insights of this study provide valuable information for the design of assistance apps and collaboration platforms, which appropriately address the specific needs for digital privacy in the context of flight, or for the conception of privacy-enhancing technologies helping to achieve this.
@article{steinbrink_digital_2021,
title = {Digital {Privacy} {Perceptions} of {Asylum} {Seekers} in {Germany} - {An} {Empirical} {Study} about {Smartphone} {Usage} during the {Flight}},
volume = {5},
url = {https://www.peasec.de/paper/2021/2021_SteinbrinkReichertMendeReuter_DigitalPrivacyPerceptionAsylumSeekers_CSCW.pdf},
doi = {10.1145/3479526},
abstract = {Since 2015, an increased number of asylum seekers is coming to Europe. These migration movements increasingly rely on digital infrastructure, such as mobile internet access and online services, in order to reach their targeted destination countries. Asylum seekers often use smartphones for information and communication purposes. Even though there are many positive aspects in the use of such technologies, researchers have to consider the perceived risks of this specific user group. This work aims at investigating the use of mobile information technologies by asylum seekers during their flight, especially taking privacy into account. Thus, it examines asylum seekers’ digital privacy perceptions and identifies privacy protection behaviors by conducting a qualitative interview study with 14 asylum seekers who applied for asylum in Germany. The results show that asylum seekers are often aware of the various risks deriving from the use of smartphones and ICT, such as surveillance and persecution by state or non-state actors as well as extortion by criminals. Based on this, this work furthermore outlines different strategies used to manage these risks. Since the lack of privacy and trust leads to avoidance behavior, the insights of this study provide valuable information for the design of assistance apps and collaboration platforms, which appropriately address the specific needs for digital privacy in the context of flight, or for the conception of privacy-enhancing technologies helping to achieve this.},
number = {CSCW2},
journal = {Proceedings of the ACM: Human Computer Interaction (PACM): Computer-Supported Cooperative Work and Social Computing},
author = {Steinbrink, Enno and Reichert, Lilian and Mende, Michelle and Reuter, Christian},
year = {2021},
keywords = {Student, Security, UsableSec, Projekt-ATHENE-FANCY, A-Paper, AuswahlUsableSec, Ranking-CORE-A, Ranking-ImpactFactor, Projekt-GRKPrivacy},
}
2020
[BibTeX] [Abstract] [Download PDF]
The research field of crisis informatics examines, amongst others, the potentials and barriers of social media use during disasters and emergencies. Social media allow emergency services to receive valuable information (e.g., eyewitness reports, pictures, or videos) from social media. However, the vast amount of data generated during large-scale incidents can lead to issue of information overload. Research indicates that supervised machine learning techniques are sui- table for identifying relevant messages and filter out irrelevant messages, thus mitigating in- formation overload. Still, they require a considerable amount of labeled data, clear criteria for relevance classification, a usable interface to facilitate the labeling process and a mechanism to rapidly deploy retrained classifiers. To overcome these issues, we present (1) a system for social media monitoring, analysis and relevance classification, (2) abstract and precise criteria for re- levance classification in social media during disasters and emergencies, (3) the evaluation of a well-performing Random Forest algorithm for relevance classification incorporating metadata from social media into a batch learning approach (e.g., 91.28\%/89.19\% accuracy, 98.3\%/89.6\% precision and 80.4\%/87.5\% recall with a fast training time with feature subset selection on the European floods/BASF SE incident datasets), as well as (4) an approach and preliminary eva- luation for relevance classification including active, incremental and online learning to reduce the amount of required labeled data and to correct misclassifications of the algorithm by feed- back classification. Using the latter approach, we achieved a well-performing classifier based on the European floods dataset by only requiring a quarter of labeled data compared to the tradi- tional batch learning approach. Despite a lesser effect on the BASF SE incident dataset, still a substantial improvement could be determined.
@article{kaufhold_rapid_2020,
title = {Rapid relevance classification of social media posts in disasters and emergencies: {A} system and evaluation featuring active, incremental and online learning},
volume = {57},
url = {https://peasec.de/paper/2020/2020_KaufholdBayerReuter_RapidRelevanceClassification_IPM.pdf},
abstract = {The research field of crisis informatics examines, amongst others, the potentials and barriers of social media use during disasters and emergencies. Social media allow emergency services to receive valuable information (e.g., eyewitness reports, pictures, or videos) from social media. However, the vast amount of data generated during large-scale incidents can lead to issue of information overload. Research indicates that supervised machine learning techniques are sui- table for identifying relevant messages and filter out irrelevant messages, thus mitigating in- formation overload. Still, they require a considerable amount of labeled data, clear criteria for relevance classification, a usable interface to facilitate the labeling process and a mechanism to rapidly deploy retrained classifiers. To overcome these issues, we present (1) a system for social media monitoring, analysis and relevance classification, (2) abstract and precise criteria for re- levance classification in social media during disasters and emergencies, (3) the evaluation of a well-performing Random Forest algorithm for relevance classification incorporating metadata from social media into a batch learning approach (e.g., 91.28\%/89.19\% accuracy, 98.3\%/89.6\% precision and 80.4\%/87.5\% recall with a fast training time with feature subset selection on the European floods/BASF SE incident datasets), as well as (4) an approach and preliminary eva- luation for relevance classification including active, incremental and online learning to reduce the amount of required labeled data and to correct misclassifications of the algorithm by feed- back classification. Using the latter approach, we achieved a well-performing classifier based on the European floods dataset by only requiring a quarter of labeled data compared to the tradi- tional batch learning approach. Despite a lesser effect on the BASF SE incident dataset, still a substantial improvement could be determined.},
number = {1},
journal = {Information Processing \& Management (IPM)},
author = {Kaufhold, Marc-André and Bayer, Markus and Reuter, Christian},
year = {2020},
keywords = {Crisis, Projekt-emergenCITY, Projekt-ATHENE-SecUrban, A-Paper, AuswahlKaufhold, Ranking-CORE-A, Ranking-ImpactFactor, SocialMedia, Ranking-WKWI-B},
pages = {1--32},
}
[BibTeX] [Abstract] [Download PDF]
As part of information systems, the research field of crisis informatics increasingly investigates the potentials and limitations of mobile crisis apps, which constitute a relatively new public service for citizens and are specifically designed for the dissemination of disaster‐related information and communication between authorities, organizations and citizens. While existing crisis apps, such as KATWARN or NINA in Germany, focus on preparatory information and warning functionality, there is a need for apps and research on police-related functionality, such as information on cybercrime, fraud offences, or search for missing persons. Based on a workshop with civil protection (N=12) and police officers (N=15), we designed a questionnaire and conducted a representative survey of German citizens (N=1.219) on the past, current and future use, perceived helpfulness, deployment and behavioural preferences, configurability and most important functionality of mobile crisis apps. Our results indicate that in addition to emergency and weather warnings, crime- and health-related warnings are also desired by many, as is the possibility for bidirectional communication. People also want one central app and are resistant to installing more than one crisis app. Furthermore, there are few significant differences between socioeconomic groups.
@inproceedings{kaufhold_warning_2020,
title = {Warning the {Public}: {A} {Survey} on {Attitudes}, {Expectations} and {Use} of {Mobile} {Crisis} {Apps} in {Germany}},
url = {http://www.peasec.de/paper/2020/2020_KaufholdHaunschildReuter_WarningthePublic_ECIS.pdf},
abstract = {As part of information systems, the research field of crisis informatics increasingly investigates the potentials and limitations of mobile crisis apps, which constitute a relatively new public service for citizens and are specifically designed for the dissemination of disaster‐related information and communication between authorities, organizations and citizens. While existing crisis apps, such as KATWARN or NINA in Germany, focus on preparatory information and warning functionality, there is a need for apps and research on police-related functionality, such as information on cybercrime, fraud offences, or search for missing persons. Based on a workshop with civil protection (N=12) and police officers (N=15), we designed a questionnaire and conducted a representative survey of German citizens (N=1.219) on the past, current and future use, perceived helpfulness, deployment and behavioural preferences, configurability and most important functionality of mobile crisis apps. Our results indicate that in addition to emergency and weather warnings, crime- and health-related warnings are also desired by many, as is the possibility for bidirectional communication. People also want one central app and are resistant to installing more than one crisis app. Furthermore, there are few significant differences between socioeconomic groups.},
booktitle = {Proceedings of the {European} {Conference} on {Information} {Systems} ({ECIS})},
publisher = {AIS},
author = {Kaufhold, Marc-André and Haunschild, Jasmin and Reuter, Christian},
year = {2020},
keywords = {Crisis, Projekt-ATHENE-FANCY, Projekt-emergenCITY, Projekt-ATHENE-SecUrban, A-Paper, Ranking-CORE-A, Ranking-VHB-B, Ranking-WKWI-A},
}
[BibTeX] [Abstract] [Download PDF]
The research field of crisis informatics examines, amongst others, the potentials and barriers of social media use during conflicts and crises. Social media allow emergency services to reach the public easily in the context of crisis communication and receive valuable information (e.g. pictures) from social media data. However, the vast amount of data generated during large-scale incidents can lead to issues of information overload and quality. To mitigate these issues, this paper proposes the semi-automatic creation of alerts including keyword, relevance and information quality filters based on cross-platform social media data. We conducted empirical studies and workshops with emergency services across Europe to raise requirements, then iteratively designed and implemented an approach to support emergency services, and performed multiple evaluations, including live demonstrations and field trials, to research the potentials of social media-based alerts. Finally, we present the findings and implications based on semi-structured interviews with emergency services, highlighting the need for usable configurability and white-box algorithm representation.
@article{kaufhold_mitigating_2020,
title = {Mitigating {Information} {Overload} in {Social} {Media} during {Conflicts} and {Crises}: {Design} and {Evaluation} of a {Cross}-{Platform} {Alerting} {System}},
volume = {39},
url = {https://www.tandfonline.com/doi/full/10.1080/0144929X.2019.1620334},
doi = {10.1080/0144929X.2019.1620334},
abstract = {The research field of crisis informatics examines, amongst others, the potentials and barriers of social media use during conflicts and crises. Social media allow emergency services to reach the public easily in the context of crisis communication and receive valuable information (e.g. pictures) from social media data. However, the vast amount of data generated during large-scale incidents can lead to issues of information overload and quality. To mitigate these issues, this paper proposes the semi-automatic creation of alerts including keyword, relevance and information quality filters based on cross-platform social media data. We conducted empirical studies and workshops with emergency services across Europe to raise requirements, then iteratively designed and implemented an approach to support emergency services, and performed multiple evaluations, including live demonstrations and field trials, to research the potentials of social media-based alerts. Finally, we present the findings and implications based on semi-structured interviews with emergency services, highlighting the need for usable configurability and white-box algorithm representation.},
number = {3},
journal = {Behaviour \& Information Technology (BIT)},
author = {Kaufhold, Marc-André and Rupp, Nicola and Reuter, Christian and Habdank, Matthias},
year = {2020},
keywords = {Security, Crisis, HCI, Projekt-ATHENE-FANCY, A-Paper, AuswahlKaufhold, Selected, AuswahlCrisis, Ranking-CORE-A, Ranking-ImpactFactor, SocialMedia, Projekt-KontiKat},
pages = {319--342},
}
[BibTeX] [Abstract] [Download PDF]
Since the emergence of so-called fake news on the internet and in social media, platforms such as Facebook have started to take countermeasures, and researchers have begun looking into this phenomenon from a variety of perspectives. A large number of scientific work has investigated ways to detect fake news automatically. Less attention has been paid to the subsequent step, i.e., what to do when you are aware of the inaccuracy of claims in social media. This work takes a user-centered approach on means to counter identified mis- and disinformation in social media. We conduct a three-step study design on how approaches in social media should be presented to respect the users‘ needs and experiences and how effective they are. As our first step, in an online survey representative for some factors to the German adult population, we enquire regarding their strategies on handling information in social media, and their opinion regarding possible solutions — focusing on the approach of displaying a warning on inaccurate posts. In a second step, we present five potential approaches for countermeasures identified in related work to interviewees for qualitative input. We discuss (1) warning, (2) related articles, (3) reducing the size, (4) covering, and (5) requiring confirmation. Based on the interview feedback, as the third step of this study, we select, improve, and examine four promising approaches on how to counter misinformation. We conduct an online experiment to test their effectiveness on the perceived accuracy of false headlines and also ask for the users‘ preferences. In this study, we find that users welcome warning-based approaches to counter fake news and are somewhat critical with less transparent methods. Moreover, users want social media platforms to explain why a post was marked as disputed. The results regarding effectiveness are similar: Warning-based approaches are shown to be effective in reducing the perceived accuracy of false headlines. Moreover, adding an explanation to the warning leads to the most significant results. In contrast, we could not find a significant effect on one of Facebook’s current approaches (reduced post size and fact-checks in related articles).
@article{kirchner_countering_2020,
title = {Countering {Fake} {News}: {A} {Comparison} of {Possible} {Solutions} {Regarding} {User} {Acceptance} and {Effectiveness}},
volume = {4},
url = {https://dl.acm.org/doi/10.1145/3415211},
doi = {10.1145/3415211},
abstract = {Since the emergence of so-called fake news on the internet and in social media, platforms such as Facebook have started to take countermeasures, and researchers have begun looking into this phenomenon from a variety of perspectives. A large number of scientific work has investigated ways to detect fake news automatically. Less attention has been paid to the subsequent step, i.e., what to do when you are aware of the inaccuracy of claims in social media. This work takes a user-centered approach on means to counter identified mis- and disinformation in social media. We conduct a three-step study design on how approaches in social media should be presented to respect the users' needs and experiences and how effective they are. As our first step, in an online survey representative for some factors to the German adult population, we enquire regarding their strategies on handling information in social media, and their opinion regarding possible solutions — focusing on the approach of displaying a warning on inaccurate posts. In a second step, we present five potential approaches for countermeasures identified in related work to interviewees for qualitative input. We discuss (1) warning, (2) related articles, (3) reducing the size, (4) covering, and (5) requiring confirmation. Based on the interview feedback, as the third step of this study, we select, improve, and examine four promising approaches on how to counter misinformation. We conduct an online experiment to test their effectiveness on the perceived accuracy of false headlines and also ask for the users' preferences. In this study, we find that users welcome warning-based approaches to counter fake news and are somewhat critical with less transparent methods. Moreover, users want social media platforms to explain why a post was marked as disputed. The results regarding effectiveness are similar: Warning-based approaches are shown to be effective in reducing the perceived accuracy of false headlines. Moreover, adding an explanation to the warning leads to the most significant results. In contrast, we could not find a significant effect on one of Facebook's current approaches (reduced post size and fact-checks in related articles).},
number = {CSCW2},
journal = {Proceedings of the ACM: Human Computer Interaction (PACM): Computer-Supported Cooperative Work and Social Computing},
author = {Kirchner, Jan and Reuter, Christian},
year = {2020},
note = {Place: Austin, USA
Publisher: ACM},
keywords = {Student, Crisis, HCI, A-Paper, Selected, AuswahlCrisis, Ranking-CORE-A, Ranking-ImpactFactor, Cooperation},
pages = {140:1--140:28},
}
[BibTeX] [Abstract] [Download PDF]
The growing importance of social media in conflicts and crises is accompanied by an ever-increasing research interest in the crisis informatics field in order to identify potential benefits and develop measures against the technology’s abuse. This special issue sets out to give an overview of current research on the use of social media in conflicts and crises. In doing so, it focuses on both good and malicious aspects of social media and includes a variety of papers of conceptual, theoretical and empirical nature. In six sections, the special issue presents an overview of the field, analytical methods, technical challenges, current advancements and the accepted papers before concluding. Specific topics range from cyber deception over information trustworthiness to mining and near-real-time processing of social media data.
@book{reuter_special_2020,
title = {Special {Issue} on {Social} {Media} in {Conflicts} and {Crises} - {Behaviour} \& {Information} {Technology} ({BIT})},
volume = {39},
url = {https://www.tandfonline.com/toc/tbit20/39/3},
abstract = {The growing importance of social media in conflicts and crises is accompanied by an ever-increasing research interest in the crisis informatics field in order to identify potential benefits and develop measures against the technology's abuse. This special issue sets out to give an overview of current research on the use of social media in conflicts and crises. In doing so, it focuses on both good and malicious aspects of social media and includes a variety of papers of conceptual, theoretical and empirical nature. In six sections, the special issue presents an overview of the field, analytical methods, technical challenges, current advancements and the accepted papers before concluding. Specific topics range from cyber deception over information trustworthiness to mining and near-real-time processing of social media data.},
number = {1},
publisher = {Taylor \& Francis},
author = {Reuter, Christian and Stieglitz, Stefan and Imran, Muhammad},
year = {2020},
note = {Publication Title: Behaviour \& Information Technology (BIT)},
keywords = {Peace, Crisis, HCI, A-Paper, Ranking-CORE-A, Ranking-ImpactFactor, SocialMedia},
}
[BibTeX] [Abstract] [Download PDF]
The growing importance of social media in conflicts and crises is accompanied by an ever-increasing research interest in the crisis informatics field in order to identify potential benefits and develop measures against the technology’s abuse. This special issue sets out to give an overview of current research on the use of social media in conflicts and crises. In doing so, it focuses on both good and malicious aspects of social media and includes a variety of papers of conceptual, theoretical and empirical nature. In six sections, the special issue presents an overview of the field, analytical methods, technical challenges, current advancements and the accepted papers before concluding. Specific topics range from cyber deception over information trustworthiness to mining and near-real-time processing of social media data.
@article{reuter_social_2020,
title = {Social media in conflicts and crises},
volume = {39},
issn = {0144-929X},
url = {https://peasec.de/paper/2020/2020_ReuterStieglitzImran_SocialMediainConflictsandCrises_BIT.pdf},
doi = {10.1080/0144929X.2019.1629025},
abstract = {The growing importance of social media in conflicts and crises is accompanied by an ever-increasing research interest in the crisis informatics field in order to identify potential benefits and develop measures against the technology's abuse. This special issue sets out to give an overview of current research on the use of social media in conflicts and crises. In doing so, it focuses on both good and malicious aspects of social media and includes a variety of papers of conceptual, theoretical and empirical nature. In six sections, the special issue presents an overview of the field, analytical methods, technical challenges, current advancements and the accepted papers before concluding. Specific topics range from cyber deception over information trustworthiness to mining and near-real-time processing of social media data.},
number = {1},
journal = {Behaviour \& Information Technology (BIT)},
author = {Reuter, Christian and Stieglitz, Stefan and Imran, Muhammad},
year = {2020},
keywords = {Peace, Crisis, HCI, A-Paper, Ranking-CORE-A, Ranking-ImpactFactor, SocialMedia},
pages = {241--251},
}
[BibTeX] [Abstract] [Download PDF]
Finding a way to ensure an effective use of social media has become increasingly important to emergency services over the past decade. Despite all efforts to determine the utility of social media for emergency organisations, it is necessary to benefit from such institutions‘ staffs‘ opinions to establish effective use. To provide empirical evidence we present a comparison of two surveys, conducted across Europe with emergency services in 2014 and 2017 respectively, with a total of 1169 answers. The analysis shows that personal experience has an effect on how organisational usage of social media is perceived and how emergency service staff view the future use of social media. Furthermore, the use has increased. This article not only shows emergency services what their staff think about their social media usage but also discusses challenges and future directions for the design of systems that can be useful for further development of optimized organisational social media usage.
@article{reuter_emergency_2020,
title = {Emergency {Service} {Staff} and {Social} {Media} – {A} {Comparative} {Empirical} {Study} of the {Perception} by {Emergency} {Services} {Members} in {Europe} in 2014 and 2017},
volume = {46},
url = {https://peasec.de/paper/2020/2020_ReuterKaufholdSpahrSpielhoferHahne_EmergencyServiceSocialMediaAttitude20142017_IJDRR.pdf},
doi = {10.1016/j.ijdrr.2020.101516},
abstract = {Finding a way to ensure an effective use of social media has become increasingly important to emergency services over the past decade. Despite all efforts to determine the utility of social media for emergency organisations, it is necessary to benefit from such institutions' staffs' opinions to establish effective use. To provide empirical evidence we present a comparison of two surveys, conducted across Europe with emergency services in 2014 and 2017 respectively, with a total of 1169 answers. The analysis shows that personal experience has an effect on how organisational usage of social media is perceived and how emergency service staff view the future use of social media. Furthermore, the use has increased. This article not only shows emergency services what their staff think about their social media usage but also discusses challenges and future directions for the design of systems that can be useful for further development of optimized organisational social media usage.},
number = {101516},
journal = {International Journal of Disaster Risk Reduction (IJDRR)},
author = {Reuter, Christian and Kaufhold, Marc-André and Spahr, Fabian and Spielhofer, Thomas and Hahne, Anna Sophie},
year = {2020},
keywords = {Student, Crisis, Projekt-emergenCITY, A-Paper, Ranking-ImpactFactor, SocialMedia},
}
[BibTeX] [Abstract] [Download PDF]
The debate on the development and deployment of lethal autonomous weapon systems (LAWS) as an emerging technology is of increasing importance, with discussions stalling and technological development progressing. Monitoring the progress of increasingly autonomous weapons systems in civilian and military use as well as regulating possible autonomous systems early on is demanded by civil society actors, like the Campaign to Stop Killer Robots and the International Committee of the Red Cross (ICRC), while nation states follow a variety of interests and strategies, showing little room for consensus on central terms and questions [2], [3]. This article therefore sheds light on the work of the Group of Governmental Experts (GGE) of the UN Convention of Certain Conventional Weapons (CCW). The CCW, offering an arena for international cooperation, has dedicated itself to the purpose of finding common ground with respect to an understanding of LAWS, as well as to the necessary degree of human control. From an ethical perspective, the concept of Meaningful Human Control (MHC) supports a human-centric approach. Several IEEE projects, series and publications are dedicated to this prioritization, especially regarding civilian use. As autonomous technology is increasingly at the center of contemporary military innovations, questions of (human) agency and responsibility in warfare have become even more pressing. As stressed by the United Nations Institute for Disarmament Research (UNIDIR), the concept of MHC may prove useful in the context of development and use of (semi-) autonomous weaponry.
@article{riebe_meaningful_2020,
title = {Meaningful {Human} {Control} of {Lethal} {Autonomous} {Weapon} {Systems}: {The} {CCW}-{Debate} and its {Implications} for {Value}-{Sensitive} {Design}},
volume = {39},
url = {https://peasec.de/paper/2020/2020_RiebeSchmidReuter_MHC_IEEETechScieMag.pdf},
doi = {10.1109/MTS.2020.3031846},
abstract = {The debate on the development and deployment of lethal autonomous weapon systems (LAWS) as an emerging technology is of increasing importance, with discussions stalling and technological development progressing. Monitoring the progress of increasingly autonomous weapons systems in civilian and military use as well as regulating possible autonomous systems early on is demanded by civil society actors, like the Campaign to Stop Killer Robots and the International Committee of the Red Cross (ICRC), while nation states follow a variety of interests and strategies, showing little room for consensus on central terms and questions [2], [3]. This article therefore sheds light on the work of the Group of Governmental Experts (GGE) of the UN Convention of Certain Conventional Weapons (CCW). The CCW, offering an arena for international cooperation, has dedicated itself to the purpose of finding common ground with respect to an understanding of LAWS, as well as to the necessary degree of human control. From an ethical perspective, the concept of Meaningful Human Control (MHC) supports a human-centric approach. Several IEEE projects, series and publications are dedicated to this prioritization, especially regarding civilian use. As autonomous technology is increasingly at the center of contemporary military innovations, questions of (human) agency and responsibility in warfare have become even more pressing. As stressed by the United Nations Institute for Disarmament Research (UNIDIR), the concept of MHC may prove useful in the context of development and use of (semi-) autonomous weaponry.},
number = {4},
journal = {IEEE Technology and Society Magazine},
author = {Riebe, Thea and Schmid, Stefka and Reuter, Christian},
year = {2020},
keywords = {Peace, A-Paper, Ranking-ImpactFactor, Cyberwar, AuswahlPeace, Projekt-DualUse, Projekt-KontiKat},
pages = {36--51},
}
[BibTeX] [Abstract] [Download PDF]
Due to the increase in natural disasters in the past years, Disaster Response Organizations (DROs) are faced with the challenge of coping with more and larger operations. Currently appointed Information and Communications Technology (ICT) used for coordination and communication is sometimes outdated and does not scale, while novel technologies have the potential to greatly improve disaster response efficiency. To allow adoption of these novel technologies, ICT system designers have to take into account the particular needs of DROs and characteristics of International Disaster Response (IDR). This work attempts to bring the humanitarian and ICT communities closer together. In this work, we analyze IDR-related documents and conduct expert interviews. Using open coding, we extract empirical insights and translate the peculiarities of DRO coordination and operation into tangible ICT design requirements. This information is based on interviews with active IDR staff as well as DRO guidelines and reports. Ultimately, the goal of this paper is to serve as a reference for future ICT research endeavors to support and increase the efficiency of IDR operations.
@article{stute_empirical_2020,
title = {Empirical {Insights} for {Designing} {Information} and {Communication} {Technology} for {International} {Disaster} {Response}},
volume = {47},
url = {https://www.sciencedirect.com/science/article/pii/S2212420919309501},
doi = {10.1016/j.ijdrr.2020.101598},
abstract = {Due to the increase in natural disasters in the past years, Disaster Response Organizations (DROs) are faced with the challenge of coping with more and larger operations. Currently appointed Information and Communications Technology (ICT) used for coordination and communication is sometimes outdated and does not scale, while novel technologies have the potential to greatly improve disaster response efficiency. To allow adoption of these novel technologies, ICT system designers have to take into account the particular needs of DROs and characteristics of International Disaster Response (IDR). This work attempts to bring the humanitarian and ICT communities closer together. In this work, we analyze IDR-related documents and conduct expert interviews. Using open coding, we extract empirical insights and translate the peculiarities of DRO coordination and operation into tangible ICT design requirements. This information is based on interviews with active IDR staff as well as DRO guidelines and reports. Ultimately, the goal of this paper is to serve as a reference for future ICT research endeavors to support and increase the efficiency of IDR operations.},
number = {101598},
journal = {International Journal of Disaster Risk Reduction (IJDRR)},
author = {Stute, Milan and Maass, Max and Schons, Tom and Kaufhold, Marc-André and Reuter, Christian and Hollick, Matthias},
year = {2020},
keywords = {Student, UsableSec, Crisis, Projekt-emergenCITY, A-Paper, Ranking-ImpactFactor},
pages = {1--10},
}
2019
[BibTeX] [Abstract] [Download PDF]
Social media have been established in many natural disasters or human‐induced crises and emergencies. Nowadays, authorities, such as emergency services, and citizens engage with social media in different phases of the emergency management cycle. However, as research in crisis informatics highlights, one remaining issue constitutes the chaotic use of social media by citizens during emergencies, which has the potential to increase the complexity of tasks, uncertainty, and pressure for emergency services. To counter these risks, besides implementing supportive technology, social media guidelines may help putting artefact and theoretical contributions into practical use for authorities and citizens. This paper presents the design and evaluation (with 1,024 participants) of citizens‘ guidelines for using social media before, during, and after emergencies.
@article{kaufhold_avoiding_2019,
title = {Avoiding {Chaotic} {Use} of {Social} {Media} before, during, and after {Emergencies}: {Design} and {Evaluation} of {Citizens}' {Guidelines}},
volume = {27},
url = {http://www.peasec.de/paper/2019/2019_KaufholdGizikisReuterHabdankGrinko_DesignEvaluationCitizenGuidelines_JCCM.pdf},
doi = {10.1111/1468-5973.12249},
abstract = {Social media have been established in many natural disasters or human‐induced crises and emergencies. Nowadays, authorities, such as emergency services, and citizens engage with social media in different phases of the emergency management cycle. However, as research in crisis informatics highlights, one remaining issue constitutes the chaotic use of social media by citizens during emergencies, which has the potential to increase the complexity of tasks, uncertainty, and pressure for emergency services. To counter these risks, besides implementing supportive technology, social media guidelines may help putting artefact and theoretical contributions into practical use for authorities and citizens. This paper presents the design and evaluation (with 1,024 participants) of citizens' guidelines for using social media before, during, and after emergencies.},
number = {3},
journal = {Journal of Contingencies and Crisis Management (JCCM)},
author = {Kaufhold, Marc-André and Gizikis, Alexis and Reuter, Christian and Habdank, Matthias and Grinko, Margarita},
year = {2019},
keywords = {Crisis, HCI, A-Paper, AuswahlKaufhold, Ranking-ImpactFactor, SocialMedia, Projekt-KontiKat, Projekt-EmerGent},
pages = {198--213},
}
[BibTeX] [Abstract] [Download PDF]
Usage of social media during emergencies and respective perceptions vary across countries. Our representative survey of 7,071 citizens in Europe (Germany, Italy, the Netherlands and the United Kingdom) shows differences of current use of social media in emergencies, expectations towards authorities monitoring social media, intensity of perceiving barriers regarding the use as well as variances concerning the (likelihood of future) use of mobile apps. While German and British participants‘ frequency of use of social media is medium and low, respectively, Italian and Dutch respondents use them relatively frequently. Our comparison of the four countries allows for an interpretation of divergent behavior across countries with respect to risk cultures as well as expanding the respective model to social media contexts. At the same time, our findings stress that across the four European countries participants assessed similar advantages like dissemination of information and barriers like false rumors with respect to use social media during emergencies. Distributed equally across nations, age and gender showed significant relationships with social media usage which, among other findings, suggests being helpful for effective implementation of management structures using new technologies.
@article{reuter_impact_2019,
title = {The {Impact} of {Risk} {Cultures}: {Citizens}' {Perception} of {Social} {Media} {Use} in {Emergencies} across {Europe}},
volume = {148},
url = {http://www.peasec.de/paper/2019/2019_ReuterKaufholdSchmidSpielhoferHahne_TheImpactofRiskCultures_TFSC.pdf},
doi = {10.1016/j.techfore.2019.119724},
abstract = {Usage of social media during emergencies and respective perceptions vary across countries. Our representative survey of 7,071 citizens in Europe (Germany, Italy, the Netherlands and the United Kingdom) shows differences of current use of social media in emergencies, expectations towards authorities monitoring social media, intensity of perceiving barriers regarding the use as well as variances concerning the (likelihood of future) use of mobile apps. While German and British participants' frequency of use of social media is medium and low, respectively, Italian and Dutch respondents use them relatively frequently. Our comparison of the four countries allows for an interpretation of divergent behavior across countries with respect to risk cultures as well as expanding the respective model to social media contexts. At the same time, our findings stress that across the four European countries participants assessed similar advantages like dissemination of information and barriers like false rumors with respect to use social media during emergencies. Distributed equally across nations, age and gender showed significant relationships with social media usage which, among other findings, suggests being helpful for effective implementation of management structures using new technologies.},
number = {119724},
journal = {Technological Forecasting and Social Change (TFSC)},
author = {Reuter, Christian and Kaufhold, Marc-André and Schmid, Stefka and Spielhofer, Thomas and Hahne, Anna Sophie},
year = {2019},
keywords = {Crisis, HCI, A-Paper, Selected, AuswahlCrisis, Ranking-ImpactFactor, SocialMedia, Projekt-EmerGent, Ranking-VHB-B},
pages = {1--17},
}
[BibTeX] [Abstract] [Download PDF]
On-site work of emergency service teams consists of highly cooperative tasks. Especially during distributed search and rescue tasks there is a constant mix of routinized and non-routinized activities. Within this paper we focus on the work practices of the German Red Cross Rescue Dog Units who deal with several uncertainties regarding the involved dogs, the fragility of the respective situations as well as issues of using technologies under enormous time pressure. Smart glasses provide possibilities for enhanced and hands-free interaction in various contexts and a number of approaches have already been applied, aiming at efficient use of the respective technological innovation in private and professional contexts. However, the collaborative potential of smart glasses in time-critical and uncertain situations is still unexplored. Our design case study examines how the on-site work of emergency service teams can be supported by smart glasses: Based on examining the work practices of the German Red Cross Rescue Dogs, we introduce ‘RescueGlass‘ as a coordinative concept, encompassing hands-free head-mounted display (HMD) application as well as a corresponding smartphone application. Finally, we describe the evaluation of its use in the field of emergency response and management. We show how current features such as ‘fog of war‘ or various sensors support the cooperative practices of dog handlers, and outline current technical limitations offering future research questions. Our paper provides an initial design probe using smart glasses to engage in the field of collaborative professional mobile tasks.
@article{reuter_rescueglass_2019,
title = {{RescueGlass}: {Collaborative} {Applications} involving {Head}-{Mounted} {Displays} for {Red} {Cross} {Rescue} {Dog} {Units}},
volume = {28},
url = {http://www.peasec.de/paper/2019/2019_ReuterLudwigMischur_RescueGlass_JCSCW.pdf},
doi = {10.1007/s10606-018-9339-8},
abstract = {On-site work of emergency service teams consists of highly cooperative tasks. Especially during distributed search and rescue tasks there is a constant mix of routinized and non-routinized activities. Within this paper we focus on the work practices of the German Red Cross Rescue Dog Units who deal with several uncertainties regarding the involved dogs, the fragility of the respective situations as well as issues of using technologies under enormous time pressure. Smart glasses provide possibilities for enhanced and hands-free interaction in various contexts and a number of approaches have already been applied, aiming at efficient use of the respective technological innovation in private and professional contexts. However, the collaborative potential of smart glasses in time-critical and uncertain situations is still unexplored. Our design case study examines how the on-site work of emergency service teams can be supported by smart glasses: Based on examining the work practices of the German Red Cross Rescue Dogs, we introduce ‘RescueGlass' as a coordinative concept, encompassing hands-free head-mounted display (HMD) application as well as a corresponding smartphone application. Finally, we describe the evaluation of its use in the field of emergency response and management. We show how current features such as ‘fog of war' or various sensors support the cooperative practices of dog handlers, and outline current technical limitations offering future research questions. Our paper provides an initial design probe using smart glasses to engage in the field of collaborative professional mobile tasks.},
number = {1-2},
journal = {Computer Supported Cooperative Work: The Journal of Collaborative Computing (JCSCW)},
author = {Reuter, Christian and Ludwig, Thomas and Mischur, Patrick},
year = {2019},
keywords = {Security, UsableSec, Crisis, HCI, A-Paper, Ranking-ImpactFactor, Projekt-KontiKat, Infrastructure, Cooperation, Ranking-CORE-B, Projekt-KOKOS, Ranking-VHB-B},
pages = {209--246},
}
[BibTeX] [Abstract] [Download PDF]
In this paper, we explore a specialized type of knowledge, „nomadic knowledge“ to understand its implications in knowledge sharing process. Nomadic knowledge is enacted in a discontinuous pattern with a changing set of actors and further flows on a definedtrajectory. This knowledge is quite important but is required sporadically, so it has a varying level of importance for stakeholders at different instances of time. The limited interest of knowledge holders after the creation of knowledge makes the knowledge sharing processcomplex. Furthermore, new sets of actors overloaded with tasks often ignore the knowledge sharing aspect due to the urgency of tasks at hand. Using a long-term field study we describe a particular practice that is not well supported technologically. The objective of this paper is to outline the concept of nomadic knowledge and associated implications, so that respective practices can be supported by the knowledge management community with appropriate technology.
@article{saeed_nomadic_2019,
title = {Nomadic {Knowledge} {Sharing} {Practices} and {Challenges}: {Findings} from a {Long}-term {Case} {Study}},
volume = {7},
url = {https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=8715497},
doi = {10.1109/ACCESS.2019.2916903},
abstract = {In this paper, we explore a specialized type of knowledge, "nomadic knowledge" to understand its implications in knowledge sharing process. Nomadic knowledge is enacted in a discontinuous pattern with a changing set of actors and further flows on a definedtrajectory. This knowledge is quite important but is required sporadically, so it has a varying level of importance for stakeholders at different instances of time. The limited interest of knowledge holders after the creation of knowledge makes the knowledge sharing processcomplex. Furthermore, new sets of actors overloaded with tasks often ignore the knowledge sharing aspect due to the urgency of tasks at hand. Using a long-term field study we describe a particular practice that is not well supported technologically. The objective of this paper is to outline the concept of nomadic knowledge and associated implications, so that respective practices can be supported by the knowledge management community with appropriate technology.},
number = {1},
journal = {IEEE Access},
author = {Saeed, Saqib and Pipek, Volkmar and Rohde, Markus and Reuter, Christian and Pinatti De Carvalho, Aparecido Fabiano and Wulf, Volker},
year = {2019},
keywords = {HCI, A-Paper, Ranking-ImpactFactor, Cooperation, Ranking-CORE-B},
pages = {63564--63577},
}
2018
[BibTeX] [Abstract] [Download PDF]
Emergencies threaten human lives and overall societal continuity, whether or not the crises and disas- ters are induced by nature, such as earthquakes, floods and hurricanes, or by human beings, such as accidents, terror attacks and uprisings. In such situations, not only do citizens demand information about the damage and safe behaviour, but emergency services also require high quality information to improve situational awareness. For this purpose, there are currently two kinds of apps available: Gen- eral-purpose apps, such as Facebook Safety Check or Twitter Alerts, already integrate safety features. Specific crisis apps, such as KATWARN in Germany or FEMA in the US, provide information on how to behave before, during and after emergencies, and capabilities for reporting incidents or receiving disaster warnings. In this paper, we analyse authorities‘ and citizens‘ information demands and features of crisis apps. Moreover, we present the concept, implementation and evaluation of a crisis app for incident reporting and bidirectional communication between authorities and citizens. Using the app, citizens may (1) report incidents by providing a category, description, location and multimedia files and (2) receive broadcasts and responses from authorities. Finally, we outline features, requirements and contextual factors for incident reporting and bidirectional communication via mobile app.
@inproceedings{kaufhold_112social_2018,
address = {Portsmouth, UK},
title = {112.{SOCIAL}: {Design} and {Evaluation} of a {Mobile} {Crisis} {App} for {Bidirectional} {Communication} between {Emergency} {Services} and {Citizen}},
url = {https://peasec.de/paper/2018/2018_KaufholdRuppReuterAmelunxenCristaldi_112Social_ECIS.pdf},
abstract = {Emergencies threaten human lives and overall societal continuity, whether or not the crises and disas- ters are induced by nature, such as earthquakes, floods and hurricanes, or by human beings, such as accidents, terror attacks and uprisings. In such situations, not only do citizens demand information about the damage and safe behaviour, but emergency services also require high quality information to improve situational awareness. For this purpose, there are currently two kinds of apps available: Gen- eral-purpose apps, such as Facebook Safety Check or Twitter Alerts, already integrate safety features. Specific crisis apps, such as KATWARN in Germany or FEMA in the US, provide information on how to behave before, during and after emergencies, and capabilities for reporting incidents or receiving disaster warnings. In this paper, we analyse authorities' and citizens' information demands and features of crisis apps. Moreover, we present the concept, implementation and evaluation of a crisis app for incident reporting and bidirectional communication between authorities and citizens. Using the app, citizens may (1) report incidents by providing a category, description, location and multimedia files and (2) receive broadcasts and responses from authorities. Finally, we outline features, requirements and contextual factors for incident reporting and bidirectional communication via mobile app.},
booktitle = {Proceedings of the {European} {Conference} on {Information} {Systems} ({ECIS})},
publisher = {AIS},
author = {Kaufhold, Marc-André and Rupp, Nicola and Reuter, Christian and Amelunxen, Christoph and Cristaldi, Massimo},
year = {2018},
keywords = {Crisis, HCI, A-Paper, Ranking-CORE-A, Projekt-KontiKat, Cooperation, Projekt-EmerGent, Ranking-VHB-B, Ranking-WKWI-A},
pages = {1--17},
}
[BibTeX] [Abstract] [Download PDF]
Since the terrorist attacks of 9/11, the use of social media in emergency and crisis events has greatly increased and many studies have concentrated on the use of ICT and social media be-fore, during or after these events. The field of research that these studies fall under is called cri-sis informatics. In this paper, we evaluate and analyze crisis informatics research by looking at case studies of social media use in emergencies, outlining the types of research found in crisis informatics, and expounding upon the forms of interaction that have been researched. Finally, we summarize the achievements from an HCI perspective and outline trends and challenges for future research.
@article{reuter_social_2018,
title = {Social {Media} in {Crisis} {Management}: {An} {Evaluation} and {Analysis} of {Crisis} {Informatics} {Research}},
volume = {34},
url = {http://www.peasec.de/paper/2018/2018_ReuterHughesKaufhold_SocialMediaCrisisManagementEvaluation_IJHCI.pdf},
doi = {10.1080/10447318.2018.1427832},
abstract = {Since the terrorist attacks of 9/11, the use of social media in emergency and crisis events has greatly increased and many studies have concentrated on the use of ICT and social media be-fore, during or after these events. The field of research that these studies fall under is called cri-sis informatics. In this paper, we evaluate and analyze crisis informatics research by looking at case studies of social media use in emergencies, outlining the types of research found in crisis informatics, and expounding upon the forms of interaction that have been researched. Finally, we summarize the achievements from an HCI perspective and outline trends and challenges for future research.},
number = {4},
journal = {International Journal on Human-Computer Interaction (IJHCI)},
author = {Reuter, Christian and Hughes, Amanda Lee and Kaufhold, Marc-André},
year = {2018},
keywords = {Peace, Crisis, HCI, A-Paper, Selected, AuswahlCrisis, Ranking-ImpactFactor, SocialMedia, Projekt-KontiKat, Ranking-CORE-B, Ranking-WKWI-B},
pages = {280--294},
}
[BibTeX] [Abstract] [Download PDF]
Social media has been established in many larger emergencies and crises. This process has not started just a few years ago, but already 15 years ago in 2001 after the terrorist attacks of 9/11. In the following years, especially in the last 10, sometimes summarized under the term crisis informatics, a variety of studies focusing on the use of ICT and social media before, during or after nearly every crisis and emergency has arisen. This article aims to recapitulate 15 years of social media in emergencies and its research with a special emphasis on use patterns, role patterns and perception patterns that can be found across different cases in order to point out what has been achieved so far, and what future potentials exist.
@article{reuter_fifteen_2018,
title = {Fifteen {Years} of {Social} {Media} in {Emergencies}: {A} {Retrospective} {Review} and {Future} {Directions} for {Crisis} {Informatics}},
volume = {26},
url = {http://www.peasec.de/paper/2018/2018_ReuterKaufhold_FifteenYearsSocialMediaEmergencies_JCCM.pdf},
doi = {10.1111/1468-5973.12196},
abstract = {Social media has been established in many larger emergencies and crises. This process has not started just a few years ago, but already 15 years ago in 2001 after the terrorist attacks of 9/11. In the following years, especially in the last 10, sometimes summarized under the term crisis informatics, a variety of studies focusing on the use of ICT and social media before, during or after nearly every crisis and emergency has arisen. This article aims to recapitulate 15 years of social media in emergencies and its research with a special emphasis on use patterns, role patterns and perception patterns that can be found across different cases in order to point out what has been achieved so far, and what future potentials exist.},
number = {1},
journal = {Journal of Contingencies and Crisis Management (JCCM)},
author = {Reuter, Christian and Kaufhold, Marc-André},
year = {2018},
keywords = {Peace, Crisis, HCI, A-Paper, AuswahlKaufhold, Selected, AuswahlCrisis, Ranking-ImpactFactor, SocialMedia, Projekt-EmerGent, Projekt-KOKOS},
pages = {41--57},
}
2017
[BibTeX] [Abstract] [Download PDF]
Abstract Although emergency services have already recognized the importance of citizen-initiated activities during disasters, still questions with regard to the coordination of spontaneous volunteers and their activities arise. Within our article, we will present a technological approach based on public displays which aims to foster situated crowdsourcing between affected citizens, spontaneous volunteers as well as official emergency services. We will address the research question: How can the situated tasks performed by spontaneous volunteers be supported by the use of public displays during disasters? First we will present the current state of the art with regard to the coordination practices of spontaneous volunteers and emergency services within disaster situations as well as related problems, potentials and specifics of situated crowdsourcing and public displays. To gain insight into actual coordination practices, we conducted an empirical study with 18 different stakeholders involved in disaster management. Based on the literature review and our empirical study, we have derived a technical concept that supports the task and activity management of spontaneous volunteers as well as the coordination both of the demands of affected people and the offers from spontaneous volunteers. We have implemented our concept as the public display application ‘City-Share‘, which provides a robust communication infrastructure and encompasses situated crowdsourcing mechanisms for managing offers and demands of activities on-the-ground. Based on its evaluation with several users, we will discuss our findings with regard to the assignment of tasks on-the-ground and situated crowdsourcing during emergencies. We outline that City-Share can improve a community’s disaster resilience, especially when focusing on the kind of collaborative resilience emerging between official stakeholders and spontaneous volunteers or affected citizens at a local level.
@article{ludwig_situated_2017,
title = {Situated crowdsourcing during disasters: {Managing} the tasks of spontaneous volunteers through public displays},
volume = {102},
url = {http://www.peasec.de/paper/2017/2017_Ludwigetal_SituatedCrowdsourcingPublicDisplay_IJHCS.pdf},
doi = {10.1016/j.ijhcs.2016.09.008},
abstract = {Abstract Although emergency services have already recognized the importance of citizen-initiated activities during disasters, still questions with regard to the coordination of spontaneous volunteers and their activities arise. Within our article, we will present a technological approach based on public displays which aims to foster situated crowdsourcing between affected citizens, spontaneous volunteers as well as official emergency services. We will address the research question: How can the situated tasks performed by spontaneous volunteers be supported by the use of public displays during disasters? First we will present the current state of the art with regard to the coordination practices of spontaneous volunteers and emergency services within disaster situations as well as related problems, potentials and specifics of situated crowdsourcing and public displays. To gain insight into actual coordination practices, we conducted an empirical study with 18 different stakeholders involved in disaster management. Based on the literature review and our empirical study, we have derived a technical concept that supports the task and activity management of spontaneous volunteers as well as the coordination both of the demands of affected people and the offers from spontaneous volunteers. We have implemented our concept as the public display application ‘City-Share', which provides a robust communication infrastructure and encompasses situated crowdsourcing mechanisms for managing offers and demands of activities on-the-ground. Based on its evaluation with several users, we will discuss our findings with regard to the assignment of tasks on-the-ground and situated crowdsourcing during emergencies. We outline that City-Share can improve a community's disaster resilience, especially when focusing on the kind of collaborative resilience emerging between official stakeholders and spontaneous volunteers or affected citizens at a local level.},
number = {C},
journal = {International Journal on Human-Computer Studies (IJHCS)},
author = {Ludwig, Thomas and Kotthaus, Christoph and Reuter, Christian and Dongen, Sören Van and Pipek, Volkmar},
year = {2017},
keywords = {Student, Crisis, HCI, A-Paper, Ranking-CORE-A, Ranking-ImpactFactor, Cooperation, Projekt-KOKOS, Ranking-WKWI-B},
pages = {103--121},
}
[BibTeX] [Abstract] [Download PDF]
In recent years, social media have increased the resources that individuals and organizations are able to mobilize for the development of socially innovative practices. In this article, we engage with a naturally occurring development in a Trentinian neighbourhood to examine the cooperative interactions amongst members of a local community. The first author and local residents of the neighbourhood participated in online discussions, decision making, and physical activities that led to material changes in the area. The interventions are motivated by and based on the concept of Social Street that combines online interactions in a closed Facebook group with face-to-face meetings seeking to practically engage the collective in accomplishing certain immediate or ongoing needs. Over the course of two years, we studied this local instantiation of Social Street in Trento, Italy by way of an action-oriented (digital) ethnography. Through this work, we demonstrate how urban neighbourhoods might benefit from hybrid forms of community engagement that are enacted through a constant back and forth between online and face-to-face interactions. We further argue that the infrastructuring of local urban collectives should follow strategies that pay attention to the multiple issues in urban neighbourhoods and people’s attachments to them. Overall, the paper reflects upon the challenges and configurations of participation that this form of community-work entails.
@article{mosconi_facebook_2017,
title = {From {Facebook} to the {Neighbourhood}: {Infrastructuring} of {Hybrid} {Community} {Engagement}},
volume = {26},
url = {https://link.springer.com/article/10.1007/s10606-017-9291-z},
doi = {10.1007/s10606-017-9291-z},
abstract = {In recent years, social media have increased the resources that individuals and organizations are able to mobilize for the development of socially innovative practices. In this article, we engage with a naturally occurring development in a Trentinian neighbourhood to examine the cooperative interactions amongst members of a local community. The first author and local residents of the neighbourhood participated in online discussions, decision making, and physical activities that led to material changes in the area. The interventions are motivated by and based on the concept of Social Street that combines online interactions in a closed Facebook group with face-to-face meetings seeking to practically engage the collective in accomplishing certain immediate or ongoing needs. Over the course of two years, we studied this local instantiation of Social Street in Trento, Italy by way of an action-oriented (digital) ethnography. Through this work, we demonstrate how urban neighbourhoods might benefit from hybrid forms of community engagement that are enacted through a constant back and forth between online and face-to-face interactions. We further argue that the infrastructuring of local urban collectives should follow strategies that pay attention to the multiple issues in urban neighbourhoods and people's attachments to them. Overall, the paper reflects upon the challenges and configurations of participation that this form of community-work entails.},
number = {4-6},
journal = {Computer Supported Cooperative Work: The Journal of Collaborative Computing (JCSCW)},
author = {Mosconi, Gaia and Korn, Matthias and Reuter, Christian and Tolmie, Peter and Teli, Maurizio and Pipek, Volkmar},
year = {2017},
keywords = {Crisis, HCI, A-Paper, Ranking-ImpactFactor, SocialMedia, Ranking-CORE-B, Projekt-KOKOS, Ranking-VHB-B},
pages = {959--1003},
}
[BibTeX] [Abstract] [Download PDF]
Social media is increasingly being used during emergencies. Most available studies are focused on how citizens and/or authorities use these technologies in concrete events. However, larger quantitative studies with significant results on attitudes, needs and future plans of citizens in such events are not available – especially such of a comparative nature related to emergency services. As part of the EU project ‘EmerGent‘ this article presents the findings of a survey of 1034 citizens across 30 European countries conducted between February and June 2015 to explore citizens‘ attitudes towards the use of social media for private purposes and in emergency situations. The article briefly compares these findings with a second survey conducted with 761 emergency service staff across 32 European countries from September to December 2014. The aim of the overall study is to discuss citizens‘ attitudes towards social media in emergencies in order to derive challenges and opportunities for social resilience.
@article{reuter_towards_2017,
title = {Towards {Social} {Resilience}: {A} {Quantitative} and {Qualitative} {Survey} on {Citizens}' {Perception} of {Social} {Media} in {Emergencies} in {Europe}},
volume = {121},
url = {http://www.sciencedirect.com/science/article/pii/S0040162516301986},
doi = {10.1016/j.techfore.2016.07.038},
abstract = {Social media is increasingly being used during emergencies. Most available studies are focused on how citizens and/or authorities use these technologies in concrete events. However, larger quantitative studies with significant results on attitudes, needs and future plans of citizens in such events are not available - especially such of a comparative nature related to emergency services. As part of the EU project ‘EmerGent' this article presents the findings of a survey of 1034 citizens across 30 European countries conducted between February and June 2015 to explore citizens' attitudes towards the use of social media for private purposes and in emergency situations. The article briefly compares these findings with a second survey conducted with 761 emergency service staff across 32 European countries from September to December 2014. The aim of the overall study is to discuss citizens' attitudes towards social media in emergencies in order to derive challenges and opportunities for social resilience.},
journal = {Journal Technological Forecasting and Social Change (TFSC)},
author = {Reuter, Christian and Spielhofer, Thomas},
year = {2017},
keywords = {RSF, Crisis, HCI, A-Paper, Ranking-ImpactFactor, SocialMedia, Projekt-EmerGent, Ranking-VHB-B},
pages = {168--180},
}
[BibTeX] [Abstract] [Download PDF]
Crises, such as thunderstorms and an increasing number of (recognised) terroristic attacks in 2015, 2016, and 2017, do not only lead to extensive monetary damage, but also threaten human lives and influence citizens‘ perceptions of safety and security. In such situations, the population demands information about the damage and safe behaviour. Although some apps are available to provide this information, the number of users seems relatively low. Focussing on Germany, this study aims to research (1) the distribution of crisis apps in the population, (2) the kinds of crisis apps currently used, as well as (3) needed core functionalities of warning apps. This multi-method study analyses crisis apps by investigating their utilisation quantitatively in a snowball-based survey in Europe (n=1,034) and in a representative survey in Germany (n=1,369). Based on this, the German warning apps Katwarn and NINA and the US-American app FEMA are evaluated qualitatively (n=22). The results revealed requirements which informed the implementation of a warning app prototype. The prototype combines the identified advantages of the apps evaluated in the study, containing warnings and all-clear, recommendations for action, functions to contact friends and helpers. The contributions of this work are findings on the distribution of crisis apps in Europe and Germany (both 16\%), the kinds of crisis apps used (mostly weather and warning apps), and empirically based requirements for warning apps which can be integrated in further developments of existing apps and a prototype for such an app.
@inproceedings{reuter_katwarn_2017,
address = {Guimarães, Portugal},
title = {Katwarn, {NINA} or {FEMA}? {Multi}-{Method} {Study} on {Distribution}, {Use} and {Public} {Views} on {Crisis} {Apps}},
url = {http://www.peasec.de/paper/2017/2017_ReuterKaufholdLeopoldKnipp_CrisisApps_ECIS.pdf},
abstract = {Crises, such as thunderstorms and an increasing number of (recognised) terroristic attacks in 2015, 2016, and 2017, do not only lead to extensive monetary damage, but also threaten human lives and influence citizens' perceptions of safety and security. In such situations, the population demands information about the damage and safe behaviour. Although some apps are available to provide this information, the number of users seems relatively low. Focussing on Germany, this study aims to research (1) the distribution of crisis apps in the population, (2) the kinds of crisis apps currently used, as well as (3) needed core functionalities of warning apps. This multi-method study analyses crisis apps by investigating their utilisation quantitatively in a snowball-based survey in Europe (n=1,034) and in a representative survey in Germany (n=1,369). Based on this, the German warning apps Katwarn and NINA and the US-American app FEMA are evaluated qualitatively (n=22). The results revealed requirements which informed the implementation of a warning app prototype. The prototype combines the identified advantages of the apps evaluated in the study, containing warnings and all-clear, recommendations for action, functions to contact friends and helpers. The contributions of this work are findings on the distribution of crisis apps in Europe and Germany (both 16\%), the kinds of crisis apps used (mostly weather and warning apps), and empirically based requirements for warning apps which can be integrated in further developments of existing apps and a prototype for such an app.},
booktitle = {European {Conference} on {Information} {Systems} ({ECIS})},
publisher = {AIS},
author = {Reuter, Christian and Kaufhold, Marc-André and Leopold, Inken and Knipp, Hannah},
year = {2017},
keywords = {Peace, Student, Crisis, HCI, A-Paper, Ranking-CORE-A, Projekt-KontiKat, Projekt-EmerGent, Ranking-VHB-B, Ranking-WKWI-A},
pages = {2187--2201},
}
[BibTeX] [Abstract] [Download PDF]
The value of social media in crises, disasters, and emergencies across different events (e.g. floods, storms, terroristic attacks), countries, and for heterogeneous participants (e.g. citizens, emergency services) is now well-attested. Existing work has examined the potentials and weaknesses of its use during specific events. Fewer studies, however, have focused on citizens‘ perceptions of social media in emergencies, and none have deployed a representative sample to examine this. We present the results of the first representative study on citizens‘ perception of social media in emergencies that we have conducted in Germany. Our study highlights, for example, that around half (45\%) of people have used social media during an emergency to share and / or look for information. In contrast, false rumours on social media (74\%) are perceived as a threat. Moreover, only a minority of people have downloaded a smartphone app for emergencies (16\%), with the most popular ones‘ weather and first aid apps.
@article{reuter_social_2017-1,
title = {Social {Media} in {Emergencies}: {A} {Representative} {Study} on {Citizens}' {Perception} in {Germany}},
volume = {1},
url = {http://www.peasec.de/paper/2017/2017_ReuterKaufholdSpielhoferHahne_SocialMediaEmergenciesGermany_CSCW.pdf},
doi = {10.1145/3134725},
abstract = {The value of social media in crises, disasters, and emergencies across different events (e.g. floods, storms, terroristic attacks), countries, and for heterogeneous participants (e.g. citizens, emergency services) is now well-attested. Existing work has examined the potentials and weaknesses of its use during specific events. Fewer studies, however, have focused on citizens' perceptions of social media in emergencies, and none have deployed a representative sample to examine this. We present the results of the first representative study on citizens' perception of social media in emergencies that we have conducted in Germany. Our study highlights, for example, that around half (45\%) of people have used social media during an emergency to share and / or look for information. In contrast, false rumours on social media (74\%) are perceived as a threat. Moreover, only a minority of people have downloaded a smartphone app for emergencies (16\%), with the most popular ones' weather and first aid apps.},
number = {2},
journal = {Proceedings of the ACM: Human Computer Interaction (PACM): Computer-Supported Cooperative Work and Social Computing},
author = {Reuter, Christian and Kaufhold, Marc-André and Spielhofer, Thomas and Hahne, Anna Sophie},
year = {2017},
note = {Place: New York, USA},
keywords = {Crisis, HCI, A-Paper, Ranking-CORE-A, SocialMedia, Projekt-KontiKat, Projekt-EmerGent, Ranking-WKWI-B},
pages = {1--19},
}
2016
[BibTeX] [Abstract] [Download PDF]
In recent years, citizens‘ movements such as the Arab Spring or Euromaidan protests have clearly shown that, whenever affected — whether negatively or positively — by the state and government decisions, citizens act to deal with the shared issues. Groups of people who organize themselves to address (mainly political) issues were defined as a `public‘ by the philosopher John Dewey. He believed it is necessary to improve communication to create a `Great Community‘ as a cohesive group of a public. Although information and communication technologies (ICT) lead to ambivalent effects on pursuing this goal and often distract the mass of people from discussing these issues, we argue that nowadays ICT can improve communication and has the potential to foster the detection of issues and therefore promote the (trans-)formation of a public into an issue-based community. As our foundation we took a literature study covering the formation of publics and their potential to evolve into communities, as well as their interplay with technology. This formed the basis for the development of our operational model that `follows the issues‘ for capturing the (trans-)formation of a public. Based on our model, we outline different perspectives on detecting shared issues as early indicators for publics based on ICT and derive implications for researching this process from a practical perspective.
@article{ludwig_publics_2016,
title = {From {Publics} to {Communities}: {Researching} the {Path} of {Shared} {Issues} {Through} {ICT}},
volume = {25},
url = {https://www.wineme.uni-siegen.de/paper/2016/2016_ludwigreuterpipek_frompublicstocommunities_jcscw.pdf},
doi = {10.1007/s10606-016-9252-y},
abstract = {In recent years, citizens' movements such as the Arab Spring or Euromaidan protests have clearly shown that, whenever affected — whether negatively or positively — by the state and government decisions, citizens act to deal with the shared issues. Groups of people who organize themselves to address (mainly political) issues were defined as a `public' by the philosopher John Dewey. He believed it is necessary to improve communication to create a `Great Community' as a cohesive group of a public. Although information and communication technologies (ICT) lead to ambivalent effects on pursuing this goal and often distract the mass of people from discussing these issues, we argue that nowadays ICT can improve communication and has the potential to foster the detection of issues and therefore promote the (trans-)formation of a public into an issue-based community. As our foundation we took a literature study covering the formation of publics and their potential to evolve into communities, as well as their interplay with technology. This formed the basis for the development of our operational model that `follows the issues' for capturing the (trans-)formation of a public. Based on our model, we outline different perspectives on detecting shared issues as early indicators for publics based on ICT and derive implications for researching this process from a practical perspective.},
number = {2-3},
journal = {Computer Supported Cooperative Work: The Journal of Collaborative Computing (JCSCW)},
author = {Ludwig, Thomas and Reuter, Christian and Pipek, Volkmar},
year = {2016},
note = {Place: Norwell, MA, USA
Publisher: Kluwer Academic Publishers},
keywords = {HCI, A-Paper, Ranking-ImpactFactor, SocialMedia, Cooperation, Projekt-EmerGent, Ranking-CORE-B, Ranking-VHB-B},
pages = {193--225},
}
[BibTeX] [Abstract] [Download PDF]
Various studies show that social media is used in emergencies – and that in spite of possible challenges for emergency services, beneficial use cases can be identified. However, relatively little empirical data is available regarding the attitudes of emergency services towards social media, and almost none of a comparative nature. This article summarizes the findings of a survey conducted of the EU project ‘EmerGent‘ with 761 emergency service staff across 32 European countries from September to December 2014. The main aims of the survey were to explore the attitudes expressed by emergency service staff towards social media for private and organizational use as well as the levels and main factors influencing the current and likely future use of social media in their organizations. Based on our results, we discuss possible enhancements of the emergency management cycle using social media.
@article{reuter_emergency_2016,
title = {Emergency {Services} {Attitudes} towards {Social} {Media}: {A} {Quantitative} and {Qualitative} {Survey} across {Europe}},
volume = {95},
url = {https://peasec.de/paper/2016/2016_ReuterLudwigKaufholdSpielhofer_EmergencyServicesAttiudesSurveySocialMedia_IJHCS.pdf},
doi = {10.1016/j.ijhcs.2016.03.005},
abstract = {Various studies show that social media is used in emergencies – and that in spite of possible challenges for emergency services, beneficial use cases can be identified. However, relatively little empirical data is available regarding the attitudes of emergency services towards social media, and almost none of a comparative nature. This article summarizes the findings of a survey conducted of the EU project ‘EmerGent' with 761 emergency service staff across 32 European countries from September to December 2014. The main aims of the survey were to explore the attitudes expressed by emergency service staff towards social media for private and organizational use as well as the levels and main factors influencing the current and likely future use of social media in their organizations. Based on our results, we discuss possible enhancements of the emergency management cycle using social media.},
journal = {International Journal on Human-Computer Studies (IJHCS)},
author = {Reuter, Christian and Ludwig, Thomas and Kaufhold, Marc-André and Spielhofer, Thomas},
year = {2016},
keywords = {Crisis, HCI, A-Paper, AuswahlKaufhold, Selected, AuswahlCrisis, Ranking-CORE-A, Ranking-ImpactFactor, SocialMedia, Projekt-EmerGent, Ranking-WKWI-B},
pages = {96--111},
}
2015
[BibTeX] [Abstract] [Download PDF]
Emergencies such as the 2013 Central European flood or the 2013 typhoon Haiyan in Philippines have shown how citizens can organize themselves and coordinate private relief activities. These activities can be found in (physical) groups of affected people, but also within (digital) social media communities. There is an evident need, however, for a clearer picture of what exactly is going on to be available for use by the official emergency services: to enlist them, to keep them safe, to support their efforts and to avoid need-less duplications or conflicts. Aligning emergency services and volunteer activities is, then, crucial. In this paper we present a mobile crowd sensing based concept, which was designed as well as implemented as the application CrowdMonitor and facilitates the detection of physical and digital activities and the assignment of specific tasks to citizens. Finally, we outline the findings of its evaluation.
@inproceedings{ludwig_crowdmonitor_2015,
address = {New York, USA},
title = {{CrowdMonitor}: {Mobile} {Crowd} {Sensing} for {Assessing} {Physical} and {Digital} {Activities} of {Citizens} during {Emergencies}},
url = {https://www.wineme.uni-siegen.de/paper/2015/2015_ludwigreutersiebigterothpipek_crowdmonitor_chi.pdf},
abstract = {Emergencies such as the 2013 Central European flood or the 2013 typhoon Haiyan in Philippines have shown how citizens can organize themselves and coordinate private relief activities. These activities can be found in (physical) groups of affected people, but also within (digital) social media communities. There is an evident need, however, for a clearer picture of what exactly is going on to be available for use by the official emergency services: to enlist them, to keep them safe, to support their efforts and to avoid need-less duplications or conflicts. Aligning emergency services and volunteer activities is, then, crucial. In this paper we present a mobile crowd sensing based concept, which was designed as well as implemented as the application CrowdMonitor and facilitates the detection of physical and digital activities and the assignment of specific tasks to citizens. Finally, we outline the findings of its evaluation.},
booktitle = {Proceedings of the {Conference} on {Human} {Factors} in {Computing} {Systems} ({CHI})},
publisher = {ACM Press},
author = {Ludwig, Thomas and Reuter, Christian and Siebigteroth, Tim and Pipek, Volkmar},
editor = {Begole, Bo and Jinwoo, Kim and Kor, Inkpeni and Woontack, Woo},
year = {2015},
keywords = {Student, Crisis, HCI, A-Paper, Ranking-CORE-A*, Cooperation, Projekt-EmerGent, Ranking-WKWI-A},
pages = {4083--4092},
}
[BibTeX] [Abstract] [Download PDF]
People all over the world are regularly affected by disasters and emergencies. Besides official emergency services, ordinary citizens are getting increasingly involved in crisis response work. They are usually present on-site at the place of incident and use social media to share information about the event. For emergency services, the large amount of citizen-generated content in social media, however, means that finding high-quality information is similar to “finding a needle in a haystack”. This article presents an approach to how a dynamic and subjective quality assessment of citizen-generated content could support the work of emergency services. First, we present results of our empirical study concerning the usage of citizen-generated content by emergency services. Based on our literature review and empirical study, we derive design guidelines and describe a concept for dynamic quality measurement that is implemented as a service-oriented web-application “Social Haystack.” Finally, we outline findings of its evaluation and implications thereof.
@article{ludwig_social_2015,
title = {Social {Haystack}: {Dynamic} {Quality} {Assessment} of {Citizen}-{Generated} {Content} during {Emergencies}},
volume = {21},
url = {https://www.wineme.uni-siegen.de/paper/2015/2015_ludwigreuterpipek_socialhaystack_tochi.pdf},
doi = {10.1145/2749461},
abstract = {People all over the world are regularly affected by disasters and emergencies. Besides official emergency services, ordinary citizens are getting increasingly involved in crisis response work. They are usually present on-site at the place of incident and use social media to share information about the event. For emergency services, the large amount of citizen-generated content in social media, however, means that finding high-quality information is similar to “finding a needle in a haystack”. This article presents an approach to how a dynamic and subjective quality assessment of citizen-generated content could support the work of emergency services. First, we present results of our empirical study concerning the usage of citizen-generated content by emergency services. Based on our literature review and empirical study, we derive design guidelines and describe a concept for dynamic quality measurement that is implemented as a service-oriented web-application “Social Haystack.” Finally, we outline findings of its evaluation and implications thereof.},
number = {4},
journal = {ACM Transactions on Computer-Human Interaction (TOCHI)},
author = {Ludwig, Thomas and Reuter, Christian and Pipek, Volkmar},
year = {2015},
keywords = {Crisis, HCI, A-Paper, Ranking-CORE-A*, Ranking-ImpactFactor, SocialMedia, Projekt-EmerGent, Ranking-VHB-B, Ranking-WKWI-A},
pages = {Article 17},
}
[BibTeX] [Abstract] [Download PDF]
Recent disasters have shown an increase in the significance of social media for both affected citizens and volunteers alike in the coordination of information and organization of relief activities, often independently of and in addition to the official emergency response. Existing research mainly focuses on the way in which individual platforms are used by volunteers in response to disasters. This paper examines the use of social media during the European Floods of 2013 and proposes a novel cross-social-media application for volunteers. Besides comprehensive analysis of volunteer communities, interviews were conducted with „digital volunteers“ such as Facebook moderators of disaster-related groups. Based on the challenges identified, we designed and implemented the cross-social-media application „XHELP“, which allows information to be both, acquired and distributed cross-media and cross-channel. The evaluation with 20 users leads to further design requirements for applications aiming to support volunteer moderators during disasters.
@inproceedings{reuter_xhelp_2015,
address = {Seoul, Korea},
title = {{XHELP}: {Design} of a {Cross}-{Platform} {Social}-{Media} {Application} to {Support} {Volunteer} {Moderators} in {Disasters}},
url = {http://www.peasec.de/paper/2015/2015_ReuterLudwigKaufholdPipek_XHELP_CHI.pdf},
doi = {10.1145/2702123.2702171},
abstract = {Recent disasters have shown an increase in the significance of social media for both affected citizens and volunteers alike in the coordination of information and organization of relief activities, often independently of and in addition to the official emergency response. Existing research mainly focuses on the way in which individual platforms are used by volunteers in response to disasters. This paper examines the use of social media during the European Floods of 2013 and proposes a novel cross-social-media application for volunteers. Besides comprehensive analysis of volunteer communities, interviews were conducted with "digital volunteers" such as Facebook moderators of disaster-related groups. Based on the challenges identified, we designed and implemented the cross-social-media application "XHELP", which allows information to be both, acquired and distributed cross-media and cross-channel. The evaluation with 20 users leads to further design requirements for applications aiming to support volunteer moderators during disasters.},
booktitle = {Proceedings of the {Conference} on {Human} {Factors} in {Computing} {Systems} ({CHI})},
publisher = {ACM Press},
author = {Reuter, Christian and Ludwig, Thomas and Kaufhold, Marc-André and Pipek, Volkmar},
year = {2015},
keywords = {Crisis, HCI, A-Paper, AuswahlKaufhold, Ranking-CORE-A*, Selected, AuswahlCrisis, SocialMedia, Cooperation, Projekt-EmerGent, Ranking-WKWI-A},
pages = {4093--4102},
}
2014
[BibTeX] [Abstract] [Download PDF]
Emergency or crisis management, as is well-attested, is a complex management problem. A variety of agencies need to collaborate and coordinate in real-time and with an urgency that is not always present in other domains. It follows that accurate information of varying kinds (e.g. geographical and weather conditions; available skills and expertises; state-of-play; current dispositions and deployments) needs to be made available in a timely fashion to the organizations and individuals who need it. By definition, this information will come from a number of sources both within and across organizations. Large-scale events in particular necessitate collaboration with other organizations. Of course, plans and processes exist to deal with such events but the number of dynamically changing factors as well as the high number of heterogeneous organizations and the high degree of interdependency involved make it impossible to plan for all contingencies. A degree of ongoing improvisation, which typically occurs by means of a variety of information and expertise sharing practices, therefore becomes necessary. This, however, faces many challenges, such as different organizational cultures, distinct individual and coordinative work practices and discrete information systems. Our work entails an examination of the practices of information and expertise sharing, and the obstacles to it, in inter-organizational crisis management. We conceive of this as a design case study, such that we examine a problem area and its scope; conduct detailed enquiries into practice in that area, and provide design recommendations for implementation and evaluation. First, we will present the results of an empirical study of collaboration practices between organizations and public authorities with security responsibilities such as the police, fire departments, public administration and electricity network operators, mainly in scenarios of medium to large power outages in Germany. Based on these results, we will describe a concept, which was designed, implemented and evaluated as a system prototype, in two iterations. While the first iteration focuses on situation assessment, the second iteration also includes inter-organizational collaboration functionalities. Based on the findings of our evaluations with practitioners, we will discuss how to support collaboration with a particular focus on information and expertise sharing.
@article{ley_information_2014,
title = {Information and {Expertise} {Sharing} in {Inter}-{Organizational} {Crisis} {Management}},
volume = {23},
url = {https://www.wineme.uni-siegen.de/paper/2014/2014_informationsharingcrisis_jcscw.pdf},
doi = {10.1007/s10606-014-9205-2},
abstract = {Emergency or crisis management, as is well-attested, is a complex management problem. A variety of agencies need to collaborate and coordinate in real-time and with an urgency that is not always present in other domains. It follows that accurate information of varying kinds (e.g. geographical and weather conditions; available skills and expertises; state-of-play; current dispositions and deployments) needs to be made available in a timely fashion to the organizations and individuals who need it. By definition, this information will come from a number of sources both within and across organizations. Large-scale events in particular necessitate collaboration with other organizations. Of course, plans and processes exist to deal with such events but the number of dynamically changing factors as well as the high number of heterogeneous organizations and the high degree of interdependency involved make it impossible to plan for all contingencies. A degree of ongoing improvisation, which typically occurs by means of a variety of information and expertise sharing practices, therefore becomes necessary. This, however, faces many challenges, such as different organizational cultures, distinct individual and coordinative work practices and discrete information systems. Our work entails an examination of the practices of information and expertise sharing, and the obstacles to it, in inter-organizational crisis management. We conceive of this as a design case study, such that we examine a problem area and its scope; conduct detailed enquiries into practice in that area, and provide design recommendations for implementation and evaluation. First, we will present the results of an empirical study of collaboration practices between organizations and public authorities with security responsibilities such as the police, fire departments, public administration and electricity network operators, mainly in scenarios of medium to large power outages in Germany. Based on these results, we will describe a concept, which was designed, implemented and evaluated as a system prototype, in two iterations. While the first iteration focuses on situation assessment, the second iteration also includes inter-organizational collaboration functionalities. Based on the findings of our evaluations with practitioners, we will discuss how to support collaboration with a particular focus on information and expertise sharing.},
number = {4-6},
journal = {Computer Supported Cooperative Work: The Journal of Collaborative Computing (JCSCW)},
author = {Ley, Benedikt and Ludwig, Thomas and Pipek, Volkmar and Randall, Dave and Reuter, Christian and Wiedenhoefer, Torben},
year = {2014},
keywords = {Crisis, HCI, A-Paper, Ranking-ImpactFactor, Cooperation, Ranking-CORE-B, Ranking-VHB-B, Projekt-InfoStrom},
pages = {347--387},
}
[BibTeX] [Abstract] [Download PDF]
Emergencies are characterized by high complexity and unpredictability. In order to assess and manage them successfully, improvisation work and informal communication, even beyond local and organizational boundaries, is needed. Such informal practices can facilitate ad hoc participation of units in situation assessment, but this may lack overall situation awareness. This paper presents a study on how emergent ‘collaboration needs‘ in current work of response teams, who are located on-site and in the control center, could be supported by mobile geo-collaboration systems. First, we present the results of an empirical study about informal work and mobile collaboration practices of emergency services. Then we describe the concept of a mobile geo-collaboration system that addresses the aspects detected in the empirical study and that was implemented as an Android application using web sockets, a technology enabling full-duplex ad hoc communication. Finally we outline the findings of its evaluation in practice and its implications.
@article{reuter_ad_2014,
title = {Ad {Hoc} {Participation} in {Situation} {Assessment}: {Supporting} {Mobile} {Collaboration} in {Emergencies}},
volume = {21},
url = {http://www.wineme.uni-siegen.de/paper/2014/2014_reuterludwigpipek_adhocparticipation_tochi.pdf},
doi = {10.1145/2651365},
abstract = {Emergencies are characterized by high complexity and unpredictability. In order to assess and manage them successfully, improvisation work and informal communication, even beyond local and organizational boundaries, is needed. Such informal practices can facilitate ad hoc participation of units in situation assessment, but this may lack overall situation awareness. This paper presents a study on how emergent ‘collaboration needs' in current work of response teams, who are located on-site and in the control center, could be supported by mobile geo-collaboration systems. First, we present the results of an empirical study about informal work and mobile collaboration practices of emergency services. Then we describe the concept of a mobile geo-collaboration system that addresses the aspects detected in the empirical study and that was implemented as an Android application using web sockets, a technology enabling full-duplex ad hoc communication. Finally we outline the findings of its evaluation in practice and its implications.},
number = {5},
journal = {ACM Transactions on Computer-Human Interaction (TOCHI)},
author = {Reuter, Christian and Ludwig, Thomas and Pipek, Volkmar},
month = nov,
year = {2014},
note = {Publisher: ACM},
keywords = {UsableSec, Crisis, HCI, A-Paper, AuswahlUsableSec, Ranking-CORE-A*, Selected, Ranking-ImpactFactor, Cooperation, Ranking-VHB-B, Ranking-WKWI-A, Projekt-InfoStrom},
pages = {1--26},
}
2013
[BibTeX] [Abstract] [Download PDF]
Decisions of emergency response organisations (police, fire fighters, infrastructure providers, etc.) rely on accurate and timely information. Some necessary information is integrated into control centre’s IT (weather, availability of electricity, gauge information, etc.), but almost every decision needs to be based on very specific information of the current crisis situation. Due to the unpredictable nature of a crisis, gathering this kind of information requires much improvisation and articulation work which we aim to support. We present a study on how different emergency response organisations communicate with teams on-site to generate necessary information for the coordinating instances, and we described, implemented and evaluated an interaction concept as well as a prototype to support this communication by a semi-structured request-and-report system based on Android devices. We learned that (1) the accuracy of request and reports can be improved by using an appropriate metadata structure in addition to creating multimedia-based information content, (2) requirements of trusted and fast information need to be respected in support concepts although they may even be contradictory, and (3) the coordination strategy of the emergency response organisation also shapes the way this interaction needs to be designed.
@inproceedings{ludwig_what_2013,
address = {Paphos, Cyrus},
title = {What {You} {See} {Is} {What} {I} {Need}: {Mobile} {Reporting} {Practices} in {Emergencies}},
url = {http://link.springer.com/chapter/10.1007/978-1-4471-5346-7_10},
doi = {10.1007/978-1-4471-5346-7_10},
abstract = {Decisions of emergency response organisations (police, fire fighters, infrastructure providers, etc.) rely on accurate and timely information. Some necessary information is integrated into control centre's IT (weather, availability of electricity, gauge information, etc.), but almost every decision needs to be based on very specific information of the current crisis situation. Due to the unpredictable nature of a crisis, gathering this kind of information requires much improvisation and articulation work which we aim to support. We present a study on how different emergency response organisations communicate with teams on-site to generate necessary information for the coordinating instances, and we described, implemented and evaluated an interaction concept as well as a prototype to support this communication by a semi-structured request-and-report system based on Android devices. We learned that (1) the accuracy of request and reports can be improved by using an appropriate metadata structure in addition to creating multimedia-based information content, (2) requirements of trusted and fast information need to be respected in support concepts although they may even be contradictory, and (3) the coordination strategy of the emergency response organisation also shapes the way this interaction needs to be designed.},
booktitle = {Proceedings of the {European} {Conference} on {Computer} {Supported} {Cooperative} {Work} ({ECSCW})},
publisher = {Springer},
author = {Ludwig, Thomas and Reuter, Christian and Pipek, Volkmar},
editor = {Bertelsen, Olav W. and Ciolfi, Luigina and Grasso, Antonietta and Papadopoulos, George Angelos},
year = {2013},
keywords = {Crisis, HCI, A-Paper, Cooperation, Ranking-CORE-B, Projekt-InfoStrom, Ranking-WKWI-C},
pages = {181--206},
}
2012
[BibTeX] [Abstract] [Download PDF]
Adaptations of business processes are important in work environments, specifically when process-support needs to be tailored according to changing needs. The creation, management, and adaptation of the process models require typically modeling-experts. While these actors are knowledgeable in formalizing and operationalizing processes end-users who do not necessarily possess sophisticated modeling skills know typically local practices and framing conditions best. In this paper, we present an approach to support users in articulating their needs and to involve them into the (re-)design of process specifications. We explore how end-users reflect upon and articulate about business processes. Based on results of a qualitative study, we present a new, paper-based interaction technique, which enables users with little skills to model processes. The resulting process specifications can be transferred either in paper or in digital form into traditional modeling systems for further elaboration.
@article{hess_supporting_2012,
title = {Supporting {End}-{User} {Articulations} in {Evolving} {Business} {Processes}: {A} {Case} {Study} to explore {Intuitive} {Notations} and {Interaction} {Designs}},
volume = {21},
url = {https://www.wineme.uni-siegen.de/paper/2012/2012_hessreuterpipekwulf_supportingenduserarticulations_ijcis.pdf},
doi = {10.1142/S0218843012500049},
abstract = {Adaptations of business processes are important in work environments, specifically when process-support needs to be tailored according to changing needs. The creation, management, and adaptation of the process models require typically modeling-experts. While these actors are knowledgeable in formalizing and operationalizing processes end-users who do not necessarily possess sophisticated modeling skills know typically local practices and framing conditions best. In this paper, we present an approach to support users in articulating their needs and to involve them into the (re-)design of process specifications. We explore how end-users reflect upon and articulate about business processes. Based on results of a qualitative study, we present a new, paper-based interaction technique, which enables users with little skills to model processes. The resulting process specifications can be transferred either in paper or in digital form into traditional modeling systems for further elaboration.},
number = {4},
journal = {International Journal of Cooperative Information Systems (IJCIS)},
author = {Hess, Jan and Reuter, Christian and Pipek, Volkmar and Wulf, Volker},
year = {2012},
keywords = {HCI, A-Paper, Ranking-ImpactFactor, Ranking-CORE-C, Ranking-VHB-B, Projekt-InfoStrom},
pages = {263--296},
}
[BibTeX] [Abstract] [Download PDF]
Improvisation is necessary when planned decision-making as the main managerial activity does not fit the conditions the practice provides. In these cases, information technology should not just automate planned and structured decisions, but support improvisational practice. In this contribution we present an empirical study about the improvisation work in scenarios of medium to large power outages in Germany. Our focus is on inter-organizational cooperation practices, thus we examined the cooperation of fire departments, police, public administration, electricity infrastructure operators and citizens. Our empirical material allows to describe reasons and conditions for improvisation. Our resulting recommendations address the support of aggregation and visualization of information, a necessary individualization of information compositions, options for collaborative situation assessment, requirements for informal and formal communication, and accessibility of information resources.
@inproceedings{ley_supporting_2012,
address = {New York, USA},
title = {Supporting improvisation work in inter-organizational crisis management},
isbn = {978-1-4503-1015-4},
url = {http://www.peasec.de/paper/2012/2012_LeyPipekReuterWiedenhoefer_ImprovisationWork_CHI.pdf},
doi = {10.1145/2207676.2208617},
abstract = {Improvisation is necessary when planned decision-making as the main managerial activity does not fit the conditions the practice provides. In these cases, information technology should not just automate planned and structured decisions, but support improvisational practice. In this contribution we present an empirical study about the improvisation work in scenarios of medium to large power outages in Germany. Our focus is on inter-organizational cooperation practices, thus we examined the cooperation of fire departments, police, public administration, electricity infrastructure operators and citizens. Our empirical material allows to describe reasons and conditions for improvisation. Our resulting recommendations address the support of aggregation and visualization of information, a necessary individualization of information compositions, options for collaborative situation assessment, requirements for informal and formal communication, and accessibility of information resources.},
booktitle = {Proceedings of the {Conference} on {Human} {Factors} in {Computing} {Systems} ({CHI})},
publisher = {ACM Press},
author = {Ley, Benedikt and Pipek, Volkmar and Reuter, Christian and Wiedenhoefer, Torben},
year = {2012},
keywords = {Crisis, HCI, A-Paper, Ranking-CORE-A*, Cooperation, Ranking-WKWI-A, Projekt-InfoStrom, Projekt-RSBE},
pages = {1529},
}
2008
[BibTeX] [Download PDF]
@article{reuter_entwicklung_2008,
title = {Entwicklung eines webbasierten {Dokumentenmanagement}-{Systems} für eine {Fluggesellschaft}},
volume = {50},
url = {http://www.peasec.de/paper/2008/2008_ReuterGeorg_EntwicklungWebbasiertesDMSFluggesellschaft_WI.pdf},
doi = {10.1365/s11576-008-0026-0},
number = {2},
journal = {Journal WIRTSCHAFTSINFORMATIK},
author = {Reuter, Christian and Georg, Christopher},
year = {2008},
keywords = {Student, HCI, A-Paper, Ranking-ImpactFactor, Cooperation, Ranking-VHB-B, Ranking-WKWI-A},
pages = {142--145},
}
All by Year (~400)
2025
[BibTeX] [Abstract]
The ongoing challenge of misinformation on social media motivates ongoing efforts to find effective countermeasures. In this study, we evaluated the potential of personalised nudging to reduce the sharing of misinformation on social media, as personalised support has been successfully applied in other areas of critical information handling. In an online experiment (N = 396) exposing users to social media posts, we assessed the degree of misinformation sharing between groups receiving (1) no nudges, (2) non-personalised nudges, and (3) personalised nudges. Personalisation was based on three psychometric dimensions – general decision-making style, consideration of future consequences, need for cognition – to assign the most appropriate nudge from a pool of five nudges. The results showed significant differences (p {\textless} .05) between all three groups, with the personalised nudge group sharing the least misinformation. Detailed analyses at the nudge level revealed that one nudge was universally effective and two nudges were effective only in their personalised form. The results generally confirm the potential of personalisation, although the effect is limited in scope. These findings shed light on the nuanced results of nudging studies, highlight the benefits of personalisation, and raise ethical considerations regarding the privacy implications of personalisation and those inherent in nudges.
@article{biselli_mitigating_2025,
title = {Mitigating {Misinformation} {Sharing} on {Social} {Media} through {Personalised} {Nudging}},
abstract = {The ongoing challenge of misinformation on social media motivates ongoing efforts to find effective countermeasures.
In this study, we evaluated the potential of personalised nudging to reduce the sharing of misinformation on social media, as personalised support has been successfully applied in other areas of critical information handling.
In an online experiment (N = 396) exposing users to social media posts, we assessed the degree of misinformation sharing between groups receiving (1) no nudges, (2) non-personalised nudges, and (3) personalised nudges. Personalisation was based on three psychometric dimensions - general decision-making style, consideration of future consequences, need for cognition - to assign the most appropriate nudge from a pool of five nudges.
The results showed significant differences (p {\textless} .05) between all three groups, with the personalised nudge group sharing the least misinformation. Detailed analyses at the nudge level revealed that one nudge was universally effective and two nudges were effective only in their personalised form.
The results generally confirm the potential of personalisation, although the effect is limited in scope.
These findings shed light on the nuanced results of nudging studies, highlight the benefits of personalisation, and raise ethical considerations regarding the privacy implications of personalisation and those inherent in nudges.},
journal = {Proceedings of the ACM: Human Computer Interaction (PACM): Computer-Supported Cooperative Work and Social Computing},
author = {Biselli, Tom and Hartwig, Katrin and Reuter, Christian},
year = {2025},
keywords = {A-Paper, Projekt-ATHENE-PriVis, Projekt-NEBULA, Ranking-CORE-A},
}
[BibTeX] [Abstract]
In Germany and other countries, specialized non-profit reporting centers combat online hate speech by submitting criminal content to law enforcement agencies, forwarding deletion requests to social media platforms, and providing counseling to victims, thus contributing to the governance mechanism of content moderation as intermediaries between victims and various organizations. Whereas research in computer-supported cooperative work has extensively explored collaboration of and automation for content moderators, there are no works that focus on reporting centers. Based on expert interviews with their staff (N=15), this study finds that most German centers share a collaborative workflow, of which multiple tasks are heavily dependent on inter-organizational exchange. However, there are differences in their implementation of monitoring, content assessment, automation technology adoption, and external collaborators. As the centers are faced with diverse challenges, such as borderline case assessment, psychological burdens, limited visibility, conflicting goals with other actors, and manual repetitive work, our study contributes with nine implications for designing and researching supportive technologies. They provide suggestions for improving hate speech gathering and reporting, researching hate speech prioritization and assessment algorithms, and designing case processing systems. Beyond that, we outline directions for research on inter-organizational collaboration.
@article{baumler_harnessing_2025,
title = {Harnessing {Inter}-{Organizational} {Collaboration} and {Automation} to {Combat} {Online} {Hate} {Speech}: {A} {Qualitative} {Study} with {German} {Reporting} {Centers}},
abstract = {In Germany and other countries, specialized non-profit reporting centers combat online hate speech by submitting criminal content to law enforcement agencies, forwarding deletion requests to social media platforms, and providing counseling to victims, thus contributing to the governance mechanism of content moderation as intermediaries between victims and various organizations. Whereas research in computer-supported cooperative work has extensively explored collaboration of and automation for content moderators, there are no works that focus on reporting centers. Based on expert interviews with their staff (N=15), this study finds that most German centers share a collaborative workflow, of which multiple tasks are heavily dependent on inter-organizational exchange. However, there are differences in their implementation of monitoring, content assessment, automation technology adoption, and external collaborators. As the centers are faced with diverse challenges, such as borderline case assessment, psychological burdens, limited visibility, conflicting goals with other actors, and manual repetitive work, our study contributes with nine implications for designing and researching supportive technologies. They provide suggestions for improving hate speech gathering and reporting, researching hate speech prioritization and assessment algorithms, and designing case processing systems. Beyond that, we outline directions for research on inter-organizational collaboration.},
journal = {Proceedings of the ACM: Human Computer Interaction (PACM): Computer-Supported Cooperative Work and Social Computing},
author = {Bäumler, Julian and Riebe, Thea and Kaufhold, Marc-André and Reuter, Christian},
year = {2025},
keywords = {Crisis, HCI, Projekt-CYWARN, Projekt-CYLENCE, A-Paper, AuswahlCrisis, Ranking-CORE-A},
}
[BibTeX]
@book{reuter_special_2025,
title = {Special {Issue} on {Combating} {Information} {Warfare}: {User}-{Centered} {Countermeasures} against {Fake} {News} and {Misinformation} - {Behaviour} \& {Information} {Technology} ({BIT})},
publisher = {Taylor \& Francis},
author = {Reuter, Christian and Hughes, Amanda Lee and Buntain, Cody},
year = {2025},
note = {Publication Title: Behaviour \& Information Technology (BIT)},
keywords = {Peace, Crisis, HCI, A-Paper, Ranking-CORE-A, Ranking-ImpactFactor, SocialMedia},
}
[BibTeX]
@article{reuter_combating_2025,
title = {Combating {Information} {Warfare}: {State} and {Trends} in {User}-{Centered} {Countermeasures} against {Fake} {News} and {Misinformation}},
journal = {Behaviour \& Information Technology (BIT)},
author = {Reuter, Christian and Hughes, Amanda Lee and Buntain, Cody},
year = {2025},
keywords = {Peace, Crisis, HCI, A-Paper, Ranking-CORE-A, Ranking-ImpactFactor, SocialMedia},
}
[BibTeX]
@incollection{riebe_creative_2025,
title = {Creative {Uses} of {Technology}: {Dual} {Use} {Governance}, {Assessment} and {Design}},
booktitle = {Conflict \& {Health} {Handbook}},
publisher = {De Gruyter},
author = {Riebe, Thea and Schmid, Stefka and Reuter, Christian},
editor = {Hagopian, Amy and Birch, Marion},
year = {2025},
keywords = {Peace},
}
[BibTeX] [Abstract]
In conflict-ridden environments, timely and accurate information is critical for those dealing with the dynamic of events. When individuals have to flee, it becomes evident that refugees frequently rely on information and communication technologies (ICT) for information acquisition, travel coordination, and maintaining connections with related parties. Based on 17 interviews, this research explores how Ukrainian refugees, who sought protection in Germany due to the 2022 Russian full-scale invasion, use ICT before, during, and after their flight. By providing empirical findings, the results show in depth how contextual factors, such as infrastructural instability, privacy concerns and an advanced digitalization, interrelate with user behaviors. Analyzing the multifaceted civilian ICT use in the context of war and flight, this exploratory research contributes to the existing research on HCI in migration contexts and connects to several topics of CSCW. By contrasting case specifics, this work highlights what makes Ukraine a special case in this research area. Furthermore, this paper examines both existing and emerging affordances of ICT in the context of flight, and identifies the crucial role of messenger groups for information gathering in all phases of the flight. Lastly, collaborative dimensions of the identified affordances are discussed.
@article{steinbrink_smartphone_2025,
title = {Smartphone and {ICT} {Use} {Among} {Ukrainian} {Refugees}: {Technology} {Support} during {War}, {Flight}, and {Adaptation} in {Germany}},
abstract = {In conflict-ridden environments, timely and accurate information is critical for those dealing with the dynamic of events. When individuals have to flee, it becomes evident that refugees frequently rely on information and communication technologies (ICT) for information acquisition, travel coordination, and maintaining connections with related parties. Based on 17 interviews, this research explores how Ukrainian refugees, who sought protection in Germany due to the 2022 Russian full-scale invasion, use ICT before, during, and after their flight. By providing empirical findings, the results show in depth how contextual factors, such as infrastructural instability, privacy concerns and an advanced digitalization, interrelate with user behaviors. Analyzing the multifaceted civilian ICT use in the context of war and flight, this exploratory research contributes to the existing research on HCI in migration contexts and connects to several topics of CSCW. By contrasting case specifics, this work highlights what makes Ukraine a special case in this research area. Furthermore, this paper examines both existing and emerging affordances of ICT in the context of flight, and identifies the crucial role of messenger groups for information gathering in all phases of the flight. Lastly, collaborative dimensions of the identified affordances are discussed.},
number = {CSCW},
journal = {Proceedings of the ACM: Human Computer Interaction (PACM): Computer-Supported Cooperative Work and Social Computing},
author = {Steinbrink, Enno and Guntrum, Laura Gianna and Reuter, Christian},
year = {2025},
note = {Place: New York, NY, USA
Publisher: Association for Computing Machinery},
keywords = {Projekt-TraCe, UsableSec, Crisis, A-Paper, Projekt-ATHENE, Ranking-CORE-A, Projekt-GRKPrivacy},
}
2024
[BibTeX] [Abstract] [Download PDF]
Active learning is designed to minimize annotation efforts by prioritizing instances that most enhance learning. However, many active learning strategies struggle with a ‚cold start‘ problem, needing substantial initial data to be effective. This limitation often reduces their utility for pre-trained models, which already perform well in few-shot scenarios. To address this, we introduce ActiveLLM, a novel active learning approach that leverages large language models such as GPT-4, Llama 3, and Mistral Large for selecting instances. We demonstrate that ActiveLLM significantly enhances the classification performance of BERT classifiers in few-shot scenarios, outperforming both traditional active learning methods and the few-shot learning method SetFit. Additionally, ActiveLLM can be extended to non-few-shot scenarios, allowing for iterative selections. In this way, ActiveLLM can even help other active learning strategies to overcome their cold start problem. Our results suggest that ActiveLLM offers a promising solution for improving model performance across various learning setups.
@article{bayer_activellm_2024,
title = {{ActiveLLM}: {Large} {Language} {Model}-based {Active} {Learning} for {Textual} {Few}-{Shot} {Scenarios}},
url = {https://arxiv.org/pdf/2405.10808},
doi = {10.48550/arXiv.2405.10808},
abstract = {Active learning is designed to minimize annotation efforts by prioritizing instances that most enhance learning. However, many active learning strategies struggle with a 'cold start' problem, needing substantial initial data to be effective. This limitation often reduces their utility for pre-trained models, which already perform well in few-shot scenarios. To address this, we introduce ActiveLLM, a novel active learning approach that leverages large language models such as GPT-4, Llama 3, and Mistral Large for selecting instances. We demonstrate that ActiveLLM significantly enhances the classification performance of BERT classifiers in few-shot scenarios, outperforming both traditional active learning methods and the few-shot learning method SetFit. Additionally, ActiveLLM can be extended to non-few-shot scenarios, allowing for iterative selections. In this way, ActiveLLM can even help other active learning strategies to overcome their cold start problem. Our results suggest that ActiveLLM offers a promising solution for improving model performance across various learning setups.},
journal = {arXiv},
author = {Bayer, Markus and Reuter, Christian},
year = {2024},
keywords = {Projekt-ATHENE-CyAware, Projekt-CYLENCE, Security, UsableSec},
}
[BibTeX] [Abstract] [Download PDF]
The field of cybersecurity is evolving fast. Security professionals are in need of intelligence on past, current and – ideally – on upcoming threats, because attacks are becoming more advanced and are increasingly targeting larger and more complex systems. Since the processing and analysis of such large amounts of information cannot be addressed manually, cybersecurity experts rely on machine learning techniques. In the textual domain, pre-trained language models like BERT have proven to be helpful as they provide a good baseline for further fine-tuning. However, due to the domain-knowledge and the many technical terms in cybersecurity, general language models might miss the gist of textual information. For this reason, we create a high-quality dataset and present a language model specifically tailored to the cybersecurity domain which can serve as a basic building block for cybersecurity systems. The model is compared on 15 tasks: Domain-dependent extrinsic tasks for measuring the performance on specific problems, intrinsic tasks for measuring the performance of the internal representations of the model as well as general tasks from the SuperGLUE benchmark. The results of the intrinsic tasks show that our model improves the internal representation space of domain words compared to the other models. The extrinsic, domain-dependent tasks, consisting of sequence tagging and classification, show that the model performs best in cybersecurity scenarios. In addition, we pay special attention to the choice of hyperparameters against catastrophic forgetting, as pre-trained models tend to forget the original knowledge during further training.
@article{bayer_cysecbert_2024,
title = {{CySecBERT}: {A} {Domain}-{Adapted} {Language} {Model} for the {Cybersecurity} {Domain}},
volume = {27},
issn = {2471-2566},
url = {https://peasec.de/paper/2024/2024_BayerKuehnShanesazReuter_CySecBERT_TOPS.pdf},
doi = {10.1145/3652594},
abstract = {The field of cybersecurity is evolving fast. Security professionals are in need of intelligence on past, current and - ideally - on upcoming threats, because attacks are becoming more advanced and are increasingly targeting larger and more complex systems. Since the processing and analysis of such large amounts of information cannot be addressed manually, cybersecurity experts rely on machine learning techniques. In the textual domain, pre-trained language models like BERT have proven to be helpful as they provide a good baseline for further fine-tuning. However, due to the domain-knowledge and the many technical terms in cybersecurity, general language models might miss the gist of textual information. For this reason, we create a high-quality dataset and present a language model specifically tailored to the cybersecurity domain which can serve as a basic building block for cybersecurity systems. The model is compared on 15 tasks: Domain-dependent extrinsic tasks for measuring the performance on specific problems, intrinsic tasks for measuring the performance of the internal representations of the model as well as general tasks from the SuperGLUE benchmark. The results of the intrinsic tasks show that our model improves the internal representation space of domain words compared to the other models. The extrinsic, domain-dependent tasks, consisting of sequence tagging and classification, show that the model performs best in cybersecurity scenarios. In addition, we pay special attention to the choice of hyperparameters against catastrophic forgetting, as pre-trained models tend to forget the original knowledge during further training.},
number = {2},
journal = {ACM Transactions on Privacy and Security (TOPS)},
author = {Bayer, Markus and Kuehn, Philipp and Shanehsaz, Ramin and Reuter, Christian},
month = apr,
year = {2024},
note = {Place: New York, NY, USA
Publisher: Association for Computing Machinery},
keywords = {Student, Security, UsableSec, Projekt-CYWARN, Projekt-ATHENE-CyAware, Projekt-CYLENCE, A-Paper, Ranking-CORE-A, Ranking-ImpactFactor},
}
[BibTeX] [Abstract] [Download PDF]
Adversarial examples, capable of misleading machine learning models into making erroneous predictions, pose significant risks in safety-critical domains such as crisis informatics, medicine, and autonomous driving. To counter this, we introduce a novel textual adversarial example method that identifies falsely learned word indicators by leveraging explainable AI methods as importance functions on incorrectly predicted instances, thus revealing and understanding the weaknesses of a model. Coupled with adversarial training, this approach guides models to adopt complex decision rules when necessary and simpler ones otherwise, enhancing their robustness. To evaluate the effectiveness of our approach, we conduct a human and a transfer evaluation and propose a novel adversarial training evaluation setting for better robustness assessment. While outperforming current adversarial example and training methods, the results also show our method’s potential in facilitating the development of more resilient transformer models by detecting and rectifying biases and patterns in training data, showing baseline improvements of up to 23 percentage points in accuracy on adversarial tasks. The code of our approach is freely available for further exploration and use.
@inproceedings{bayer_xai-attack_2024,
address = {Torino, Italia},
title = {{XAI}-{Attack}: {Utilizing} {Explainable} {AI} to {Find} {Incorrectly} {Learned} {Patterns} for {Black}-{Box} {Adversarial} {Example} {Creation}},
url = {https://aclanthology.org/2024.lrec-main.1542},
abstract = {Adversarial examples, capable of misleading machine learning models into making erroneous predictions, pose significant risks in safety-critical domains such as crisis informatics, medicine, and autonomous driving. To counter this, we introduce a novel textual adversarial example method that identifies falsely learned word indicators by leveraging explainable AI methods as importance functions on incorrectly predicted instances, thus revealing and understanding the weaknesses of a model. Coupled with adversarial training, this approach guides models to adopt complex decision rules when necessary and simpler ones otherwise, enhancing their robustness. To evaluate the effectiveness of our approach, we conduct a human and a transfer evaluation and propose a novel adversarial training evaluation setting for better robustness assessment. While outperforming current adversarial example and training methods, the results also show our method's potential in facilitating the development of more resilient transformer models by detecting and rectifying biases and patterns in training data, showing baseline improvements of up to 23 percentage points in accuracy on adversarial tasks. The code of our approach is freely available for further exploration and use.},
booktitle = {Proceedings of the 2024 {Joint} {International} {Conference} on {Computational} {Linguistics}, {Language} {Resources} and {Evaluation} ({LREC}-{COLING})},
publisher = {ELRA and ICCL},
author = {Bayer, Markus and Neiczer, Markus and Samsinger, Maximilian and Buchhold, Björn and Reuter, Christian},
month = may,
year = {2024},
keywords = {Security, UsableSec, Projekt-ATHENE-CyAware, Projekt-CYLENCE, Ranking-CORE-A},
pages = {17725--17738},
}
[BibTeX] [Abstract] [Download PDF]
Browser cookies, especially those from third parties, pose a threat to individual privacy. While it is possible in principle to control the number of cookies accepted, this choice is often neither usable nor truly informed. To address this issue, this study used semi-structured interviews (N=19) to identify attitudes and user requirements to develop an alternative personalised cookie banner, which was evaluated in an online experiment (N=157). The cookie banner explanations were tailored to the privacy knowledge of three groups of users: low, medium and high. The online experiment measured cookie choices and perceived usability of the cookie banner across three groups: an experimental group that viewed the novel cookie banner with personalisation (personalised privacy assistant), a control group that viewed the novel cookie banner without personalisation (privacy assistant) and a control group that viewed the standard cookie banner provided by the website. The results indicate that the novel cookie banner (with or without personalisation) generally resulted in significantly fewer accepted cookies and increased usability compared to the standard cookie window. In addition, the personalised cookie banner resulted in significantly fewer accepted cookies and higher usability than the non-personalised cookie banner. These results suggest that tailoring cookie banners to users‘ privacy knowledge can be an effective approach to empowering users to make informed choices and better protect their privacy.
@article{biselli_supporting_2024,
title = {Supporting {Informed} {Choices} about {Browser} {Cookies}: {The} {Impact} of {Personalised} {Cookie} {Banners}},
url = {https://petsymposium.org/popets/2024/popets-2024-0011.pdf},
doi = {https://doi.org/10.56553/popets-2024-0011},
abstract = {Browser cookies, especially those from third parties, pose a threat to individual privacy. While it is possible in principle to control the number of cookies accepted, this choice is often neither usable nor truly informed. To address this issue, this study used semi-structured interviews (N=19) to identify attitudes and user requirements to develop an alternative personalised cookie banner, which was evaluated in an online experiment (N=157). The cookie banner explanations were tailored to the privacy knowledge of three groups of users: low, medium and high. The online experiment measured cookie choices and perceived usability of the cookie banner across three groups: an experimental group that viewed the novel cookie banner with personalisation (personalised privacy assistant), a control group that viewed the novel cookie banner without personalisation (privacy assistant) and a control group that viewed the standard cookie banner provided by the website. The results indicate that the novel cookie banner (with or without personalisation) generally resulted in significantly fewer accepted cookies and increased usability compared to the standard cookie window. In addition, the personalised cookie banner resulted in significantly fewer accepted cookies and higher usability than the non-personalised cookie banner. These results suggest that tailoring cookie banners to users' privacy knowledge can be an effective approach to empowering users to make informed choices and better protect their privacy.},
number = {1},
journal = {Proceedings on Privacy Enhancing Technologies (PoPETs)},
author = {Biselli, Tom and Utz, Laura and Reuter, Christian},
year = {2024},
keywords = {Student, Security, UsableSec, HCI, Projekt-CROSSING, A-Paper, AuswahlUsableSec, Selected, Ranking-CORE-A},
pages = {171--191},
}
[BibTeX] [Abstract] [Download PDF]
In Germany, both law enforcement agencies and dedicated reporting centers engage in various activities to counter illegal online hate speech. Due to the high volume of such content and against the background of limited resources, their personnel can be confronted with the issue of information overload. To mitigate this issue, technologies for information filtering, classification, prioritization, and visualization offer great potential. However, domainspecific classification schemes that differentiate subtypes of online hate speech are a prerequisite for the development of such assistive tools. There is a gap in research with regard to an empirically substantiated classification scheme for subtypes of hate speech for the German law enforcement and reporting center domain. Based on a review of relevant computer science publications (N=24) and qualitative interviews with practitioners (N=18), this work investigates practice-relevant subtypes of hate speech and finds that it is primarily differentiated with regard to targeted group affiliations, the conveyance of an immediate security threat, and criminal relevance. It contributes to the state of research with an empirically grounded online hate speech classification scheme for German law enforcement agencies and reporting centers (C1) and five implications for the user-centered design of hate speech classification tools (C2).
@inproceedings{baumler_towards_2024,
address = {Karlsruhe, Germany},
title = {Towards an {Online} {Hate} {Speech} {Classification} {Scheme} for {German} {Law} {Enforcement} and {Reporting} {Centers}: {Insights} from {Research} and {Practice}},
url = {https://dl.gi.de/items/2fa0ec97-d562-41d2-bab9-0b0539432c87},
doi = {10.18420/muc2024-mci-ws13-124},
abstract = {In Germany, both law enforcement agencies and dedicated reporting centers engage in various activities to counter illegal online hate speech. Due to the high volume of such content and against the background of limited resources, their personnel can be confronted with the issue of information overload. To mitigate this issue, technologies for information filtering, classification, prioritization, and visualization offer great potential. However, domainspecific classification schemes that differentiate subtypes of online hate speech are a prerequisite for the development of such assistive tools. There is a gap in research with regard to an empirically substantiated classification scheme for subtypes of hate speech for the German law enforcement and reporting center domain. Based on a review of relevant computer science publications (N=24) and qualitative interviews with practitioners (N=18), this work investigates practice-relevant subtypes of hate speech and finds that it is primarily differentiated with regard to targeted group affiliations, the conveyance of an immediate security threat, and criminal relevance. It contributes to the state of research with an empirically grounded online hate speech classification scheme for German law enforcement agencies and reporting centers (C1) and five implications for the user-centered design of hate speech classification tools (C2).},
language = {en},
booktitle = {Mensch und {Computer} 2024 - {Workshopband}},
publisher = {Gesellschaft für Informatik e.V.},
author = {Bäumler, Julian and Kaufhold, Marc-André and Voronin, Georg and Reuter, Christian},
year = {2024},
keywords = {UsableSec, HCI, Projekt-ATHENE-CyAware, Projekt-CYLENCE},
}
[BibTeX] [Abstract] [Download PDF]
Nowadays, the problem of point-to-point encryption is solved by the wide adaptation of protocols like TLS. However, challenges persist for End-to-End Encryption (E2EE). Current E2EE solutions, such as PGP and secure messengers like Signal, suffer from issues like 1) low usability, 2) small user base, 3) dependence on central service providers, and 4) susceptibility to backdoors. Concerns over legally mandated backdoors are rising as the US and EU are propos- ing new surveillance regulations requiring chat monitoring. We present a new E2EE solution called Encrypted MultiChannel Com- munication ( EMC2), based on 𝑛-out-of-𝑛 secret sharing. EMC2 splits messages into multiple secret shares and sends them through in- dependent channels. We show that multiple independent channels exist between users and EMC2 provides E2EE with no single point of trust, no setup, and is understandable by the general public. Our so- lution complements existing tools and strengthens the case against legally enforced backdoors by demonstrating their ineffectiveness.
@inproceedings{chandran_encrypted_2024,
address = {Salt Lake City, USA},
title = {Encrypted {MultiChannel} {Communication} ({EMC2}): {Johnny} should use secret sharing},
url = {https://dl.acm.org/doi/10.1145/3689943.3695051},
doi = {10.1145/3689943.3695051},
abstract = {Nowadays, the problem of point-to-point encryption is solved by
the wide adaptation of protocols like TLS. However, challenges
persist for End-to-End Encryption (E2EE). Current E2EE solutions,
such as PGP and secure messengers like Signal, suffer from issues
like 1) low usability, 2) small user base, 3) dependence on central
service providers, and 4) susceptibility to backdoors. Concerns over
legally mandated backdoors are rising as the US and EU are propos-
ing new surveillance regulations requiring chat monitoring. We
present a new E2EE solution called Encrypted MultiChannel Com-
munication ( EMC2), based on 𝑛-out-of-𝑛 secret sharing. EMC2 splits
messages into multiple secret shares and sends them through in-
dependent channels. We show that multiple independent channels
exist between users and EMC2 provides E2EE with no single point of
trust, no setup, and is understandable by the general public. Our so-
lution complements existing tools and strengthens the case against
legally enforced backdoors by demonstrating their ineffectiveness.},
booktitle = {23. {Workshop} on {Privacy} in the {Electronic} {Society} ({WPES}'24)},
publisher = {ACM},
author = {Chandran, Gowri R. and Demuth, Kilian and Edalatnejad, Kasra and Linsner, Sebastian and Reuter, Christian and Schneider, Thomas},
month = oct,
year = {2024},
keywords = {UsableSec},
pages = {34--39},
}
[BibTeX] [Abstract] [Download PDF]
In many applications and websites people use in their everyday life, their privacy and data is threatened, e.g., by script tracking during browsing. Although researchers and companies have developed privacy-enhancing technologies (PETs), they are often difficult to use for lay users. In this paper, we conducted a literature review to classify users into different support personas based on their privacy competence and privacy concern. With developers of PETs in mind, support personas were envisioned to facilitate the customization of software according to the support needs of different users. In order to demonstrate the usefulness of support personas and based on workshop sessions with 15 participants, we designed a browser extension which supports users with the issue of script tracking by providing different user interfaces for different support personas. The following qualitative evaluation with 31 participants showed that the developed UI elements worked as intended for the different support personas. Therefore, we conclude the concept of support personas is useful in the development process of usable applications that enhance the privacy of the users while also educating them and thus potentially increasing their privacy literacy.
@article{demuth_support_2024,
title = {Support {Personas}: {A} {Concept} for {Tailored} {Support} of {Users} of {Privacy}-{Enhancing} {Technologies}},
issn = {2299-0984},
url = {https://petsymposium.org/popets/2024/popets-2024-0142.pdf},
doi = {https://doi.org/10.56553/popets-2024-0142},
abstract = {In many applications and websites people use in their everyday life, their privacy and data is threatened, e.g., by script tracking during browsing. Although researchers and companies have developed privacy-enhancing technologies (PETs), they are often difficult to use for lay users. In this paper, we conducted a literature review to classify users into different support personas based on their privacy competence and privacy concern. With developers of PETs in mind, support personas were envisioned to facilitate the customization of software according to the support needs of different users. In order to demonstrate the usefulness of support personas and based on workshop sessions with 15 participants, we designed a browser extension which supports users with the issue of script tracking by providing different user interfaces for different support personas. The following qualitative evaluation with 31 participants showed that the developed UI elements worked as intended for the different support personas. Therefore, we conclude the concept of support personas is useful in the development process of usable applications that enhance the privacy of the users while also educating them and thus potentially increasing their privacy literacy.},
number = {4},
journal = {Proceedings on Privacy Enhancing Technologies (PoPETs)},
author = {Demuth, Kilian and Linsner, Sebastian and Biselli, Tom and Kaufhold, Marc-André and Reuter, Christian},
year = {2024},
keywords = {Security, UsableSec, HCI, Projekt-CROSSING, A-Paper, Projekt-ATHENE-PriVis, Ranking-CORE-A},
pages = {797--817},
}
[BibTeX] [Abstract] [Download PDF]
Mobile Erhebung semantisch modellierter Daten und deren Auswertung im Feld durch Hybrid Cloud Computing sind Grundlage des Resilienten Smart Farmings im Projekt GeoBox. Eine skalierbare Architektur und semantische Datenmodellierung ermöglichen Management betrieblicher Software-Container, flexible Anpassung an neue Aufgaben, und die Realisierung einfach nutzbarer externer Services, vorgestellt am Beispiel eines Resistenz-Beratungs-Chatbots und von Blühstreifen als Biodiversitätsmaßnahme.
@inproceedings{eberz-eder_hybrid_2024,
title = {Hybrid {Cloud} {Infrastrukturen} - {Edge} {Computing} und {KI}-basierte {Anwendungen} in der {Landwirtschaft} für resiliente und effektive {Produktions}- und {Biodiversitätsmaßnahmen}},
url = {https://dl.gi.de/handle/20.500.12116/43877,},
abstract = {Mobile Erhebung semantisch modellierter Daten und deren Auswertung im Feld durch Hybrid Cloud Computing sind Grundlage des Resilienten Smart Farmings im Projekt GeoBox. Eine skalierbare Architektur und semantische Datenmodellierung ermöglichen Management betrieblicher Software-Container, flexible Anpassung an neue Aufgaben, und die Realisierung einfach nutzbarer externer Services, vorgestellt am Beispiel eines Resistenz-Beratungs-Chatbots und von Blühstreifen als Biodiversitätsmaßnahme.},
booktitle = {44. {GIL}-{Jahrestagung}: {Informatik} in der {Land}-, {Forst}- und {Ernährungswirtschaft}},
publisher = {Gesellschaft für Informatik},
author = {Eberz-Eder, Daniel and Kuntke, Franz and Reuter, Christian and Bernardi, Ansgar and Kadi, Ahmad and Brill, Gerwin and Martini, Daniel and Kleinhenz, Benno},
year = {2024},
keywords = {Projekt-AgriRegio, Projekt-GeoBox, RSF, Security, UsableSec},
}
[BibTeX] [Abstract] [Download PDF]
Critical infrastructures (CI) provide societies with essential goods and services. With the growing impact of digitalisation, information and communication technologies play an increasing role within these entities. Large-scale outages in many of the ten German CI sectors revealed the increasing vulnerabilities stemming from dependencies on electricity and connectivity. While the CI concept is widely used in current public debates, some inconsistencies require nuanced attention from students and researchers of CI. This chapter introduces secure critical infrastructures. It therefore provides an overview of the central characteristics, essential concepts of hierarchy, (inter-)dependency, criticality, and vulnerability to enable a coherent analysis of CI. To map out the multi-actor landscape within CI, the private, public, hybrid and civil-society stakeholders mainly shaping CI policies and discourses will be introduced.
@incollection{franken_secure_2024,
address = {Wiesbaden, Germany},
title = {Secure {Critical} {Infrastructures}},
url = {https://link.springer.com/chapter/10.1007/978-3-658-44810-3_13},
abstract = {Critical infrastructures (CI) provide societies with essential goods and services. With the growing impact of digitalisation, information and communication technologies play an increasing role within these entities. Large-scale outages in many of the ten German CI sectors revealed the increasing vulnerabilities stemming from dependencies on electricity and connectivity. While the CI concept is widely used in current public debates, some inconsistencies require nuanced attention from students and researchers of CI. This chapter introduces secure critical infrastructures. It therefore provides an overview of the central characteristics, essential concepts of hierarchy, (inter-)dependency, criticality, and vulnerability to enable a coherent analysis of CI. To map out the multi-actor landscape within CI, the private, public, hybrid and civil-society stakeholders mainly shaping CI policies and discourses will be introduced.},
booktitle = {Information {Technology} for {Peace} and {Security} - {IT} {Applications} and {Infrastructures} in {Conflicts}, {Crises}, {War}, and {Peace}},
publisher = {Springer Vieweg},
author = {Franken, Jonas and Reuter, Christian},
editor = {Reuter, Christian},
year = {2024},
note = {https://doi.org/10.1007/978-3-658-44810-3\_13},
keywords = {Peace, Security, Infrastructure},
}
[BibTeX] [Abstract] [Download PDF]
This article examines how Colombian NGOs use Information and Communication Technologies (ICTs) for peacebuilding attempts amid the COVID-19 pandemic. Drawing from 17 interviews with NGO members, the study underscores the pivotal role of digital peacebuilding in sustaining and expanding peace attempts, effective data management, and a broader engagement of target groups beyond in-person activities often associated with safety and financial concerns. The findings also identify prevailing challenges of incorporating ICTs in NGO’s peacebuilding activities, ranging from privacy-related concerns to connectivity issues. The article points out the potential for NGOs to enhance interactivity, knowledge transfer, and to diversify their activities, including IT-security training and awareness campaigns on hate speech and propaganda. It also emphasizes the importance of developing risk reduction strategies tailored to the specific needs of different target groups.
@article{guntrum_navigating_2024,
title = {Navigating the {Pandemic} through {Technology}: {Colombian} {NGOs} {Promoting} {Peace} during the {COVID}-19 era},
url = {https://peasec.de/paper/2024/2024_GuntrumCerrilloReuter_NavigatingPanedemicThroughTechnology_PeaceDev.pdf},
doi = {10.1177/15423166241293856},
abstract = {This article examines how Colombian NGOs use Information and Communication Technologies (ICTs) for peacebuilding attempts amid the COVID-19 pandemic. Drawing from 17 interviews with NGO members, the study underscores the pivotal role of digital peacebuilding in sustaining and expanding peace attempts, effective data management, and a broader engagement of target groups beyond in-person activities often associated with safety and financial concerns. The findings also identify prevailing challenges of incorporating ICTs in NGO's peacebuilding activities, ranging from privacy-related concerns to connectivity issues. The article points out the potential for NGOs to enhance interactivity, knowledge transfer, and to diversify their activities, including IT-security training and awareness campaigns on hate speech and propaganda. It also emphasizes the importance of developing risk reduction strategies tailored to the specific needs of different target groups.},
journal = {Peacebuilding \& Development},
author = {Guntrum, Laura and Cerrillo, Sofía and Reuter, Christian},
year = {2024},
keywords = {Peace, Projekt-TraCe, Student},
}
[BibTeX] [Abstract] [Download PDF]
In conflict-affected settings, activists use Information and Communication Technologies (ICTs) to attract international attention to their cause and stay informed about events. However, digital violence is a growing global concern. Perpetrators are often anonymous, making effective recourse difficult, and legal frameworks are often inadequate. Drawing on case studies of activists in Cameroon, Colombia, and Myanmar, this TraCe policy brief aims to (1) outline the challenges posed by increasing digital violence against activists and (2) identify how policymakers worldwide might respond to this issue.
@misc{guntrum_internet_2024,
title = {From {Internet} {Shutdowns} to {Personal} {Harassment}: {Examining} the {Spectrum} of {Digital} {Violence} {Against} {Social} {Activist}},
url = {https://www.trace-center.de/fileadmin/DatenTrace/Publikationen/TraCePB2404_Digital_Violence.pdf},
abstract = {In conflict-affected settings, activists use Information and Communication Technologies (ICTs) to attract international attention to their cause and stay informed about events. However, digital violence is a growing global concern. Perpetrators are often anonymous, making effective recourse difficult, and legal frameworks are often inadequate. Drawing on case studies of activists in Cameroon, Colombia, and Myanmar, this TraCe policy brief aims to (1) outline the challenges posed by increasing digital violence against activists and (2) identify how policymakers worldwide might respond to this issue.},
urldate = {2024-04-15},
publisher = {TraCe Policy Brief No. 4},
author = {Guntrum, Laura and Reuter, Christian},
year = {2024},
doi = {10.48809/PRIFTraCePB2404.},
keywords = {Peace, Projekt-TraCe},
}
[BibTeX]
@incollection{haesler_moderne_2024,
title = {Moderne {Technologien} und {Resilienz}},
isbn = {978-3-17-043720-3},
booktitle = {Resilienz und {Schockereignisse}},
publisher = {Kohlhammer},
author = {Haesler, Steffen and Reuter, Christian},
editor = {Karsten, Andreas H. and Voßschmidt, Stefan and Becker, Uwe},
year = {2024},
keywords = {Security, UsableSec, Projekt-emergenCITY},
}
[BibTeX] [Abstract] [Download PDF]
Misinformation poses a recurrent challenge for video-sharing platforms (VSPs) like TikTok. Obtaining user perspectives on digital interventions addressing the need for transparency (e.g., through indicators) is essential. This article offers a thorough examination of the comprehensibility, usefulness, and limitations of an indicator-based intervention from an adolescents’ perspective. This study (𝑁 = 39; aged 13-16 years) comprised two qualitative steps: (1) focus group discussions and (2) think-aloud sessions, where participants engaged with a smartphone-app for TikTok. The results offer new insights into how video-based indicators can assist adolescents’ assessments. The intervention received positive feedback, especially for its transparency, and could be applicable to new content. This paper sheds light on how adolescents are expected to be experts while also being prone to video-based misinformation, with limited understanding of an intervention’s limitations. By adopting teenagers’ perspectives, we contribute to HCI research and provide new insights into the chances and limitations of interventions for VSPs.
@inproceedings{hartwig_adolescents_2024,
address = {New York, NY, USA},
series = {{CHI} '24},
title = {From {Adolescents}' {Eyes}: {Assessing} an {Indicator}-{Based} {Intervention} to {Combat} {Misinformation} on {TikTok}},
isbn = {9798400703300},
url = {https://doi.org/10.1145/3613904.3642264},
doi = {10.1145/3613904.3642264},
abstract = {Misinformation poses a recurrent challenge for video-sharing platforms (VSPs) like TikTok. Obtaining user perspectives on digital interventions addressing the need for transparency (e.g., through indicators) is essential. This article offers a thorough examination of the comprehensibility, usefulness, and limitations of an indicator-based intervention from an adolescents’ perspective. This study (𝑁 = 39; aged 13-16 years) comprised two qualitative steps: (1) focus group discussions and (2) think-aloud sessions, where participants
engaged with a smartphone-app for TikTok. The results offer new insights into how video-based indicators can assist adolescents’ assessments. The intervention received positive feedback, especially for its transparency, and could be applicable to new content. This paper sheds light on how adolescents are expected to be experts while also being prone to video-based misinformation, with limited understanding of an intervention’s limitations. By adopting
teenagers’ perspectives, we contribute to HCI research and provide new insights into the chances and limitations of interventions for VSPs.},
booktitle = {Proceedings of the {Conference} on {Human} {Factors} in {Computing} {Systems} ({CHI})},
publisher = {Association for Computing Machinery},
author = {Hartwig, Katrin and Biselli, Tom and Schneider, Franziska and Reuter, Christian},
year = {2024},
keywords = {Security, UsableSec, HCI, A-Paper, Ranking-CORE-A*, Selected, AuswahlCrisis, Projekt-ATHENE-PriVis, Projekt-NEBULA},
}
[BibTeX] [Abstract] [Download PDF]
Misinformation presents a challenge to democracies, particularly in times of crisis. One way in which misinformation is spread is through voice messages sent via messenger groups, which enable members to share information on a larger scale. Gaining user perspectives on digital misinformation interventions as countermeasure after detection is crucial. In this paper, we extract potential features of misinformation in voice messages from literature, implement them within a program that automatically processes voice messages, and evaluate their perceived usefulness and comprehensibility as user-centered indicators.We propose 35 features extracted from audio files at the character, word, sentence, audio and creator levels to assist (1) private individuals in conducting credibility assessments, (2) government agencies faced with data overload during crises, and (3) researchers seeking to gather features for automatic detection approaches. We conducted a think-aloud study with laypersons (N = 20) to provide initial insight into how individuals autonomously assess the credibility of voice messages, as well as which automatically extracted features they find to be clear and convincing indicators of misinformation. Our study provides qualitative and quantitative insights into valuable indicators, particularly when they relate directly to the content or its creator, and uncovers challenges in user interface design.
@article{hartwig_navigating_2024,
title = {Navigating {Misinformation} in {Voice} {Messages}: {Identification} of {User}-{Centered} {Features} for {Digital} {Interventions}},
issn = {1944-4079},
url = {https://peasec.de/paper/2024/2024_HartwigSandlerReuter_NavigatingMisinfoVoiceMessages_RiskHazards.pdf},
doi = {10.1002/rhc3.12296},
abstract = {Misinformation presents a challenge to democracies, particularly in times of crisis. One way in which misinformation is spread is through voice messages sent via messenger groups, which enable members to share information on a larger scale. Gaining user perspectives on digital misinformation interventions as countermeasure after detection is crucial. In this paper, we extract potential features of misinformation in voice messages from literature, implement them within a program that automatically processes voice messages, and evaluate their perceived usefulness and comprehensibility as user-centered indicators.We propose 35 features extracted from audio files at the character, word, sentence, audio and creator levels to assist (1) private individuals in conducting credibility assessments, (2) government agencies faced with data overload during crises, and (3) researchers seeking to gather features for automatic detection approaches. We conducted a think-aloud study with laypersons (N = 20) to provide initial insight into how individuals autonomously assess the credibility of voice messages, as well as which automatically extracted features they find to be clear and convincing indicators of misinformation. Our study provides qualitative and quantitative insights into valuable indicators, particularly when they relate directly to the content or its creator, and uncovers challenges in user interface design.},
journal = {Risk, Hazards, \& Crisis in Public Policy (RHCPP)},
author = {Hartwig, Katrin and Sandler, Ruslan and Reuter, Christian},
year = {2024},
note = {Publisher: John Wiley \& Sons, Ltd},
keywords = {Student, UsableSec, Crisis, HCI, Projekt-CYLENCE, A-Paper, Projekt-NEBULA, Projekt-ATHENE, Ranking-ImpactFactor, SocialMedia, Cyberwar},
}
[BibTeX] [Abstract] [Download PDF]
Misinformation represent a key challenge for society. User-centered misinformation interventions as digital countermeasures that exert a direct influence on users represent a promising means to deal with the large amounts of information available. While an extensive body of research on this topic exists, researchers are confronted with a diverse research landscape spanning multiple disciplines. This review systematizes the landscape of user-centered misinformation interventions to facilitate knowledge transfer, identify trends, and enable informed decision-making. Over 3,700 scholarly publications were screened and a systematic literature review (N=108) was conducted. A taxonomy was derived regarding intervention design (e.g., binary label), user interaction (active or passive), and timing (e.g., post exposure to misinformation). We provide a structured overview of approaches across multiple disciplines, and derive six overarching challenges for future research.
@article{hartwig_landscape_2024,
title = {The {Landscape} of {User}-centered {Misinformation} {Interventions} – {A} {Systematic} {Literature} {Review}},
volume = {56},
issn = {0360-0300},
url = {https://peasec.de/paper/2024/2024_HartwigDoellReuter_LandscapeUserCentredMisinfoInterventions_CSUR.pdf},
doi = {10.1145/3674724},
abstract = {Misinformation represent a key challenge for society. User-centered misinformation interventions as digital countermeasures that exert a direct influence on users represent a promising means to deal with the large amounts of information available. While an extensive body of research on this topic exists, researchers are confronted with a diverse research landscape spanning multiple disciplines. This review systematizes the landscape of user-centered misinformation interventions to facilitate knowledge transfer, identify trends, and enable informed decision-making. Over 3,700 scholarly publications were screened and a systematic literature review (N=108) was conducted. A taxonomy was derived regarding intervention design (e.g., binary label), user interaction (active or passive), and timing (e.g., post exposure to misinformation). We provide a structured overview of approaches across multiple disciplines, and derive six overarching challenges for future research.},
number = {11},
journal = {ACM Computing Surveys (CSUR)},
author = {Hartwig, Katrin and Doell, Frederic and Reuter, Christian},
month = jul,
year = {2024},
keywords = {Peace, Student, HCI, A-Paper, Ranking-CORE-A*, Selected, Projekt-NEBULA, Ranking-ImpactFactor},
}
[BibTeX] [Abstract] [Download PDF]
Die Verbreitung falscher und irreführender Informationen – insbesondere über soziale Medien wie TikTok, Twitter, Facebook und Co. – nehmen eine immer größer werdende Relevanz in sicherheitsrelevanten Situationen ein. Gerade im Kontext des russischen Angriffskrieges gegen die Ukraine spielen derartige Plattformen eine besondere Rolle, indem gefälschte Videos oder Inhalte mit falscher zeitlicher Einordnung in kürzester Zeit viral gehen und somit das Potential für Verunsicherung und Meinungsmanipulation bergen. Problematisch sind dabei nicht nur absichtliche, sondern auch unabsichtlich irreführende Informationen. Ziel des interdisziplinären BMBF-Projekts NEBULA (Laufzeit: 1.7.2022-30.6.2025) ist die transparente, KI- basierte Erkennung von Falsch- und Fehlinformationen in sicherheitsrelevanten Situationen sowie die zielgruppengerechte Darstellung der Detektionsergebnisse zur Förderung der Medienkompetenz. Die nutzerzentrierten Ansätze adressieren dabei sowohl Behörden und Organisationen mit Sicherheitsaufgaben (BOS) in der akkuraten Lagebilderstellung und Krisenkommunikation, als auch vulnerable Personengruppen durch partizipative Entwicklung von technischen Unterstützungswerkzeugen. Innerhalb des Projekts entstehen Demonstratoren in Form von Smartphone-Apps, Browser-Plugins und Webanwendungen, um Einzelpersonen und Behörden dazu zu befähigen, Falsch- und Fehlinformationen eigenständig kritisch zu reflektieren und Umgangsstrategien zur Informationseinordnung anzueignen.
@inproceedings{hartwig_nebula_2024,
address = {München},
title = {{NEBULA}: {Nutzerzentrierte} {KI}-basierte {Erkennung} von {Fake} {News} und {Fehlinformationen}},
url = {https://peasec.de/paper/2024/2024_HartwigBiselliSchneiderReuter_NEBULA_BfSTagungsband.pdf},
abstract = {Die Verbreitung falscher und irreführender Informationen – insbesondere über soziale Medien wie TikTok,
Twitter, Facebook und Co. – nehmen eine immer größer werdende Relevanz in sicherheitsrelevanten
Situationen ein. Gerade im Kontext des russischen Angriffskrieges gegen die Ukraine spielen derartige
Plattformen eine besondere Rolle, indem gefälschte Videos oder Inhalte mit falscher zeitlicher Einordnung
in kürzester Zeit viral gehen und somit das Potential für Verunsicherung und Meinungsmanipulation
bergen. Problematisch sind dabei nicht nur absichtliche, sondern auch unabsichtlich irreführende
Informationen.
Ziel des interdisziplinären BMBF-Projekts NEBULA (Laufzeit: 1.7.2022-30.6.2025) ist die transparente, KI-
basierte Erkennung von Falsch- und Fehlinformationen in sicherheitsrelevanten Situationen sowie die
zielgruppengerechte Darstellung der Detektionsergebnisse zur Förderung der Medienkompetenz. Die
nutzerzentrierten Ansätze adressieren dabei sowohl Behörden und Organisationen mit Sicherheitsaufgaben
(BOS) in der akkuraten Lagebilderstellung und Krisenkommunikation, als auch vulnerable Personengruppen
durch partizipative Entwicklung von technischen Unterstützungswerkzeugen. Innerhalb des Projekts
entstehen Demonstratoren in Form von Smartphone-Apps, Browser-Plugins und Webanwendungen, um
Einzelpersonen und Behörden dazu zu befähigen, Falsch- und Fehlinformationen eigenständig kritisch zu
reflektieren und Umgangsstrategien zur Informationseinordnung anzueignen.},
booktitle = {Aktuelle {Themen} und {Herausforderungen} behördlicher {Risikokommunikation} - {Tagungsband}},
publisher = {Bundesamt für Strahlenschutz},
author = {Hartwig, Katrin and Biselli, Tom and Schneider, Franziska and Reuter, Christian},
year = {2024},
keywords = {Crisis, Projekt-NEBULA},
}
[BibTeX] [Abstract] [Download PDF]
Recent crises like the COVID-19 pandemic provoked an increasing appearance of misleading information, emphasizing the need for effective user-centered countermeasures as an important field in HCI research. This work investigates how content-specific user-centered indicators can contribute to an informed approach to misleading information. In a threefold study, we conducted an in-depth content analysis of 2,382 German tweets on Twitter (now X) to identify topical (e.g., 5G), formal (e.g., links), and rhetorical (e.g., sarcasm) characteristics through manual coding, followed by a qualitative online survey to evaluate which indicators users already use autonomously to assess a tweet’s credibility. Subsequently, in a think-aloud study participants qualitatively evaluated the identified indicators in terms of perceived comprehensibility and usefulness. While a number of indicators were found to be particularly comprehensible and useful (e.g., claim for absolute truth and rhetorical questions), our findings reveal limitations of indicator-based interventions, particularly for people with entrenched conspiracy theory views. We derive four implications for digitally supporting users in dealing with misleading information, especially during crises.
@article{hartwig_misleading_2024,
title = {Misleading {Information} in {Crises}: {Exploring} {Content}-specific {Indicators} on {Twitter} from a {User} {Perspective}},
issn = {0144-929X},
url = {https://doi.org/10.1080/0144929X.2024.2373166},
doi = {10.1080/0144929X.2024.2373166},
abstract = {Recent crises like the COVID-19 pandemic provoked an increasing appearance of misleading information,
emphasizing the need for effective user-centered countermeasures as an important field in HCI research. This
work investigates how content-specific user-centered indicators can contribute to an informed approach to
misleading information. In a threefold study, we conducted an in-depth content analysis of 2,382 German
tweets on Twitter (now X) to identify topical (e.g., 5G), formal (e.g., links), and rhetorical (e.g., sarcasm)
characteristics through manual coding, followed by a qualitative online survey to evaluate which indicators
users already use autonomously to assess a tweet’s credibility. Subsequently, in a think-aloud study participants
qualitatively evaluated the identified indicators in terms of perceived comprehensibility and usefulness. While
a number of indicators were found to be particularly comprehensible and useful (e.g., claim for absolute truth
and rhetorical questions), our findings reveal limitations of indicator-based interventions, particularly for
people with entrenched conspiracy theory views. We derive four implications for digitally supporting users in
dealing with misleading information, especially during crises.},
journal = {Behaviour \& Information Technology (BIT)},
author = {Hartwig, Katrin and Schmid, Stefka and Biselli, Tom and Pleil, Helene and Reuter, Christian},
year = {2024},
keywords = {Crisis, HCI, A-Paper, Projekt-ATHENE-PriVis, Projekt-NEBULA, Ranking-CORE-A, Ranking-ImpactFactor},
pages = {1--34},
}
[BibTeX] [Abstract] [Download PDF]
In Colombia, Transitional Justice (TJ) institutions were established after years of violent conflict as part of the 2016 peace agreement between the FARC and the Colombian government. By analysing the posting behaviour of the government-appointed TJ institutions on Facebook, we show how general TJ aims and opportunities for citizen participation were promoted in 2019. Our analysis reveals that the organisations rarely address topics related to reconciliation and that active online participation and two-way communication are rather scarce. Instead, Facebook is mainly used by the TJ organisations to increase solidarity with victims and disseminate information about their work and the TJ process. Reflecting on existing literature on TJ and social media participation, we identify great potential for expanding TJ goals and community engagement on social media, to use it as a resource for facilitating the TJ processes, creating exchange, and enabling participation.
@article{haunschild_towards_2024,
title = {Towards a {Digitally} {Mediated} {Transitional} {Justice} {Process}? {An} {Analysis} of {Colombian} {Transitional} {Justice} {Organisations}’ {Posting} {Behaviour} on {Facebook}},
volume = {30},
issn = {1082-7307},
url = {https://nsuworks.nova.edu/pcs/vol30/iss2/4/},
abstract = {In Colombia, Transitional Justice (TJ) institutions were established after years of violent conflict as part of the 2016 peace agreement between the FARC and the Colombian government. By analysing the posting behaviour of the government-appointed TJ institutions on Facebook, we show how general TJ aims and opportunities for citizen participation were promoted in 2019. Our analysis reveals that the organisations rarely address topics related to reconciliation and that active online participation and two-way communication are rather scarce. Instead, Facebook is mainly used by the TJ organisations to increase solidarity with victims and disseminate information about their work and the TJ process. Reflecting on existing literature on TJ and social media participation, we identify great potential for expanding TJ goals and community engagement on social media, to use it as a resource for facilitating the TJ processes, creating exchange, and enabling participation.},
number = {2},
journal = {Peace and Conflict Studies},
author = {Haunschild, Jasmin and Guntrum, Laura and Cerrillo, Sofía and Bujara, Franziska and Reuter, Christian},
year = {2024},
keywords = {Peace, Student, Projekt-ATHENE-SecUrban, SocialMedia},
}
[BibTeX] [Abstract] [Download PDF]
In disasters and crises, crisis preparation at the household level is crucial for societal resilience. However, motivating citizens to take personal responsibility and to implement preparedness measures remains challenging. This study investigates the impact of values, beliefs and norms on preparedness. Through a survey in Germany on resource-oriented crisis preparedness and participants’ values, a group of more prepared and less prepared individuals was differentiated. We quantitatively analyzed the correlation between values and crisis preparedness. A quantitative analysis revealed a significant association between the value of benevolence and higher preparedness. Follow-up interviews (N=30) explored participants&\#039; beliefs and norms, showing minimal group differences. Although crisis preparedness is generally viewed positively, strong negativity exists towards perceived “hoarders”. The study discusses implication for crisis communication and the design of nudges and persuasive systems, emphasizing intervention that can trigger benevolence to foster preparedness and appeal to the social benefits to counter the narrative of anti-social crisis preparedness.
@article{haunschild_understanding_2024,
title = {Understanding {Crisis} {Preparedness}: {Insights} from {Personal} {Values}, {Beliefs}, {Social} {Norms}, and {Personal} {Norms}},
volume = {21},
url = {https://ojs.iscram.org/index.php/Proceedings/article/view/19},
abstract = {In disasters and crises, crisis preparation at the household level is crucial for societal resilience. However, motivating citizens to take personal responsibility and to implement preparedness measures remains challenging. This study investigates the impact of values, beliefs and norms on preparedness. Through a survey in Germany on resource-oriented crisis preparedness and participants’ values, a group of more prepared and less prepared individuals was differentiated. We quantitatively analyzed the correlation between values and crisis preparedness. A quantitative analysis revealed a significant association between the value of benevolence and higher preparedness. Follow-up interviews (N=30) explored participants\&\#039; beliefs and norms, showing minimal group differences. Although crisis preparedness is generally viewed positively, strong negativity exists towards perceived “hoarders”. The study discusses implication for crisis communication and the design of nudges and persuasive systems, emphasizing intervention that can trigger benevolence to foster preparedness and appeal to the social benefits to counter the narrative of anti-social crisis preparedness.},
urldate = {2024-05-27},
journal = {Proceedings of the Information Systems for Crisis Response and Management (ISCRAM) (Best Paper Award)},
author = {Haunschild, Jasmin and Burger, Felix and Reuter, Christian},
month = may,
year = {2024},
note = {Section: ISCRAM Proceedings},
keywords = {Student, Crisis, Projekt-emergenCITY, Projekt-ATHENE-SecUrban},
}
[BibTeX] [Abstract] [Download PDF]
Computer Emergency Response Teams (CERTs) have been established in the public sector globally to provide advisory, preventive and reactive cybersecurity services for government agencies, citizens, and businesses. Nevertheless, their responsibility of monitoring, analyzing, and communicating cyber threats and security vulnerabilities have become increasingly challenging due to the growing volume and varying quality of information disseminated through public and social channels. Based on a design case study conducted from 2021 to 2023, this paper combines three iterations of expert interviews (N=25), design workshops (N=4) and cognitive walkthroughs (N=25) to design an automated, cross-platform and real-time cybersecurity dashboard. By adopting the notion of cyber situational awareness, the study further extracts user requirements and design heuristics for enhanced threat intelligence and mission awareness in CERTs, discussing the aspects of source integration, data management, customizable visualization, relationship awareness, information assessment, software integration, (inter-)organizational collaboration, and communication of stakeholder warnings.
@inproceedings{kaufhold_we_2024,
address = {New York, NY, USA},
series = {{CHI} '24},
title = {'{We} {Do} {Not} {Have} the {Capacity} to {Monitor} {All} {Media}': {A} {Design} {Case} {Study} on {Cyber} {Situational} {Awareness} in {Computer} {Emergency} {Response} {Teams}},
isbn = {9798400703300},
url = {https://peasec.de/paper/2024/2024_KaufholdRiebeBayerReuter_CertDesignCaseStudy_CHI.pdf},
doi = {10.1145/3613904.3642368},
abstract = {Computer Emergency Response Teams (CERTs) have been established in the public sector globally to provide advisory, preventive and reactive cybersecurity services for government agencies, citizens, and businesses. Nevertheless, their responsibility of monitoring, analyzing, and communicating cyber threats and security vulnerabilities have become increasingly challenging due to the growing volume and varying quality of information disseminated through public and social channels. Based on a design case study conducted from 2021 to 2023, this paper combines three iterations of expert interviews (N=25), design workshops (N=4) and cognitive walkthroughs (N=25) to design an automated, cross-platform and real-time cybersecurity dashboard. By adopting the notion of cyber situational awareness, the study further extracts user requirements and design heuristics for enhanced threat intelligence and mission awareness in CERTs, discussing the aspects of source integration, data management, customizable visualization, relationship awareness, information assessment, software integration, (inter-)organizational collaboration, and communication of stakeholder warnings.},
booktitle = {Proceedings of the {Conference} on {Human} {Factors} in {Computing} {Systems} ({CHI}) ({Best} {Paper} {Award})},
publisher = {Association for Computing Machinery},
author = {Kaufhold, Marc-André and Riebe, Thea and Bayer, Markus and Reuter, Christian},
year = {2024},
keywords = {Security, UsableSec, HCI, Projekt-CYWARN, Projekt-ATHENE-CyAware, Projekt-CYLENCE, A-Paper, AuswahlKaufhold, AuswahlUsableSec, Ranking-CORE-A*, Selected},
}
[BibTeX] [Abstract] [Download PDF]
Over the last decade, social media services had an enormous impact on modern culture. They are nowadays widely established in everyday life, but also during natural and man-made crises and conflicts. For instance, Facebook was part of the Arabic Spring, in which the tool facilitated the communication and interaction between participants of political protests. On the contrary, terrorists may recruit new members and disseminate ideologies, and social bots may influence social and political processes. Based on the notions of cultural violence and cultural peace as well as the phenomena of fake news, terrorism and social bots, this exploratory review firstly presents human cultural inter-ventions in social media (e.g. dissemination of fake news and terroristic propaganda) and respective countermeasures (e.g. fake news detection and counter-narratives). Sec-ondly, it discusses automatic cultural interventions realised via social bots (e.g. astro-turfing, misdirection and smoke screening) and countermeasures (e.g. crowdsourcing and social bot detection). Finally, this chapter concludes with a range of cultural inter-ventions and information and communication technology (ICT) in terms of actors and intentions to identify future research potential for supporting situational assessments during conflicts.
@incollection{kaufhold_cultural_2024,
address = {Wiesbaden, Germany},
title = {Cultural {Violence} and {Peace} {Interventions} in {Social} {Media}},
url = {https://link.springer.com/chapter/10.1007/978-3-658-44810-3_18},
abstract = {Over the last decade, social media services had an enormous impact on modern culture. They are nowadays widely established in everyday life, but also during natural and man-made crises and conflicts. For instance, Facebook was part of the Arabic Spring, in which the tool facilitated the communication and interaction between participants of political protests. On the contrary, terrorists may recruit new members and disseminate ideologies, and social bots may influence social and political processes. Based on the notions of cultural violence and cultural peace as well as the phenomena of fake news, terrorism and social bots, this exploratory review firstly presents human cultural inter-ventions in social media (e.g. dissemination of fake news and terroristic propaganda) and respective countermeasures (e.g. fake news detection and counter-narratives). Sec-ondly, it discusses automatic cultural interventions realised via social bots (e.g. astro-turfing, misdirection and smoke screening) and countermeasures (e.g. crowdsourcing and social bot detection). Finally, this chapter concludes with a range of cultural inter-ventions and information and communication technology (ICT) in terms of actors and intentions to identify future research potential for supporting situational assessments during conflicts.},
booktitle = {Information {Technology} for {Peace} and {Security} - {IT} {Applications} and {Infrastructures} in {Conflicts}, {Crises}, {War}, and {Peace}},
publisher = {Springer Vieweg},
author = {Kaufhold, Marc-André and Haunschild, Jasmin and Reuter, Christian},
editor = {Reuter, Christian},
year = {2024},
note = {https://doi.org/10.1007/978-3-658-44810-3\_18},
keywords = {Peace, Crisis, HCI, Projekt-CYLENCE, SocialMedia},
}
[BibTeX] [Abstract] [Download PDF]
Computer Emergency Response Teams provide advisory, preventive, and reactive cybersecurity services for authorities, citizens, and businesses. However, their responsibility of establishing cyber situational awareness by monitoring and analyzing security advisories and vulnerabilities has become challenging due to the growing volume of information disseminated through public channels. Thus, this paper presents the preliminary design of a system for automatically retrieving and extracting security advisory documents from Common Security Advisory Framework (CSAF), HTML, and RSS sources. The evaluation with various security advisory sources (N=53) shows that the developed system can retrieve 90\% of the published advisory documents, which is a significant improvement over systems only relying on the retrieval from RSS feeds (30\%).
@inproceedings{kaufhold_towards_2024,
address = {Karlsruhe, Germany},
title = {Towards a {Security} {Advisory} {Content} {Retrieval} and {Extraction} {System} for {Computer} {Emergency} {Response} {Teams}},
url = {https://dl.gi.de/items/6ee00080-4245-44c0-ae9c-1a9cdea7fa3a},
doi = {10.18420/muc2024-mci-ws13-133},
abstract = {Computer Emergency Response Teams provide advisory, preventive, and reactive cybersecurity services for authorities, citizens, and businesses. However, their responsibility of establishing cyber situational awareness by monitoring and analyzing security advisories and vulnerabilities has become challenging due to the growing volume of information disseminated through public channels. Thus, this paper presents the preliminary design of a system for automatically retrieving and extracting security advisory documents from Common Security Advisory Framework (CSAF), HTML, and RSS sources. The evaluation with various security advisory sources (N=53) shows that the developed system can retrieve 90\% of the published advisory documents, which is a significant improvement over systems only relying on the retrieval from RSS feeds (30\%).},
language = {en},
booktitle = {Mensch und {Computer} 2024 - {Workshopband}},
publisher = {Gesellschaft für Informatik e.V.},
author = {Kaufhold, Marc-André and Bäumler, Julian and Koukal, Nicolai and Reuter, Christian},
year = {2024},
keywords = {UsableSec, HCI, Projekt-ATHENE-CyAware, Projekt-CYLENCE},
}
[BibTeX] [Abstract] [Download PDF]
Im Zentrum dieses Workshops steht die Interaktion von Mensch und Technik in sicherheitskritischen Kontexten. Hierzu zählen Bereiche, die bereits seit Jahrzehnten Gegenstand der Forschung sind (z.B. Prozessführung in Leitwarten), aber auch aktuelle Herausforderungen (z.B. Social Media im Katastrophenschutz). In diesen und vielen weiteren Bereichen gilt, dass sichere Systemzustände nur durch die ganzheitliche Betrachtung von Mensch, Technik und Organisation gewährleistet bzw. schnellstmöglich wieder erreicht werden können. In diesem Zusammenhang ist der Workshop auch der Nutzbarkeit und Akzeptanz von Sicherheitskonzepten sowie einer bewussteren Auseinandersetzung der Nutzenden mit diesem Thema gewidmet.
@inproceedings{kaufhold_11_2024,
address = {Karlsruhe, Germany},
title = {11. {Workshop} {Mensch}-{Maschine}-{Interaktion} in sicherheitskritischen {Systemen}},
url = {https://dl.gi.de/items/6a526522-0cbf-4672-af8d-d7580cf97f92},
doi = {10.18420/muc2024-mci-ws13-101},
abstract = {Im Zentrum dieses Workshops steht die Interaktion von Mensch und Technik in sicherheitskritischen Kontexten. Hierzu zählen Bereiche, die bereits seit Jahrzehnten Gegenstand der Forschung sind (z.B. Prozessführung in Leitwarten), aber auch aktuelle Herausforderungen (z.B. Social Media im Katastrophenschutz). In diesen und vielen weiteren Bereichen gilt, dass sichere Systemzustände nur durch die ganzheitliche Betrachtung von Mensch, Technik und Organisation gewährleistet bzw. schnellstmöglich wieder erreicht werden können. In diesem Zusammenhang ist der Workshop auch der Nutzbarkeit und Akzeptanz von Sicherheitskonzepten sowie einer bewussteren Auseinandersetzung der Nutzenden mit diesem Thema gewidmet.},
language = {de},
booktitle = {Mensch und {Computer} 2024 - {Workshopband}},
publisher = {Gesellschaft für Informatik e.V.},
author = {Kaufhold, Marc-André and Mentler, Tilo and Nestler, Simon and Reuter, Christian},
year = {2024},
keywords = {Security, UsableSec, HCI, Projekt-CYLENCE},
}
[BibTeX] [Abstract] [Download PDF]
The ever-increasing number of threats and the existing diversity of information sources pose challenges for Computer Emergency Response Teams (CERTs). To respond to emerging threats, CERTs must gather information in a timely and comprehensive manner. But the volume of sources and information leads to information overload. This paper contributes to the question of how to reduce information overload for CERTs. We propose clustering incoming information as scanning this information is one of the most tiresome, but necessary, manual steps. Based on current studies, we establish conditions for such a framework. Different types of evaluation metrics are used and selected in relation to the framework conditions. Furthermore, different document embeddings and distance measures are evaluated and interpreted in combination with clustering methods. We use three different corpora for the evaluation, a novel ground truth corpus based on threat reports, one security bug report (SBR) corpus, and one with news articles. Our work shows, it is possible to reduce the information overload by up to 84.8\% with homogeneous clusters. A runtime analysis of the clustering methods strengthens the decision of selected clustering methods. The source code and dataset will be made publicly available after acceptance.
@misc{kuehn_threatcluster_2024,
title = {{ThreatCluster}: {Threat} {Clustering} for {Information} {Overload} {Reduction} in {Computer} {Emergency} {Response} {Teams}},
shorttitle = {{ThreatCluster}},
url = {http://arxiv.org/abs/2210.14067},
doi = {10.48550/arXiv.2210.14067},
abstract = {The ever-increasing number of threats and the existing diversity of information sources pose challenges for Computer Emergency Response Teams (CERTs). To respond to emerging threats, CERTs must gather information in a timely and comprehensive manner. But the volume of sources and information leads to information overload. This paper contributes to the question of how to reduce information overload for CERTs. We propose clustering incoming information as scanning this information is one of the most tiresome, but necessary, manual steps. Based on current studies, we establish conditions for such a framework. Different types of evaluation metrics are used and selected in relation to the framework conditions. Furthermore, different document embeddings and distance measures are evaluated and interpreted in combination with clustering methods. We use three different corpora for the evaluation, a novel ground truth corpus based on threat reports, one security bug report (SBR) corpus, and one with news articles. Our work shows, it is possible to reduce the information overload by up to 84.8\% with homogeneous clusters. A runtime analysis of the clustering methods strengthens the decision of selected clustering methods. The source code and dataset will be made publicly available after acceptance.},
urldate = {2024-03-18},
publisher = {arXiv},
author = {Kuehn, Philipp and Nadermahmoodi, Dilara and Kerk, Moritz and Reuter, Christian},
month = mar,
year = {2024},
note = {arXiv:2210.14067 [cs]
version: 2},
keywords = {Student, Security, UsableSec, Projekt-CYWARN, Projekt-ATHENE-SecUrban},
}
[BibTeX] [Abstract] [Download PDF]
In today’s world, cyber-attacks are becoming more frequent and thus proactive protection against them is becoming more important. Cyber Threat Intelligence (CTI) is a possible solution, as it collects threat information in various information sources and derives stakeholder intelligence to protect one’s infrastructure. The current focus of CTI in research is the clear web, but the dark web may contain further information. To further advance protection, this work analyzes the dark web as Open Source Intelligence (OSINT) data source to complement current CTI information. The underlying assumption is that hackers use the dark web to exchange, develop, and share information and assets. This work aims to understand the structure of the dark web and identify the amount of its openly available CTI related information. We conducted a comprehensive literature review for dark web research and CTI. To follow this up we manually investigated and analyzed 65 dark web forum (DWF), 7 single-vendor shops, and 72 dark web marketplace (DWM). We documented the content and relevance of DWFs and DWMs for CTI, as well as challenges during the extraction and provide mitigations. During our investigation we identified IT security relevant information in both DWFs and DWMs, ranging from malware toolboxes to hacking-as-a-service. One of the most present challenges during our manual analysis were necessary interactions to access information and anti-crawling measures, i.e., CAPTCHAs. This analysis showed 88\% of marketplaces and 53\% of forums contained relevant data. Our complementary semi-automated analysis of 1,186,906 onion addresses indicates, that the necessary interaction makes it difficult to see the dark web as an open, but rather treat it as specialized information source, when clear web information does not suffice.
@article{kuehn_navigating_2024,
title = {Navigating the {Shadows}: {Manual} and {Semi}-{Automated} {Evaluation} of the {Dark} {Web} for {Cyber} {Threat} {Intelligence}},
volume = {12},
issn = {2169-3536},
shorttitle = {Navigating the {Shadows}},
url = {https://ieeexplore.ieee.org/document/10643518},
doi = {10.1109/ACCESS.2024.3448247},
abstract = {In today’s world, cyber-attacks are becoming more frequent and thus proactive protection against them is becoming more important. Cyber Threat Intelligence (CTI) is a possible solution, as it collects threat information in various information sources and derives stakeholder intelligence to protect one’s infrastructure. The current focus of CTI in research is the clear web, but the dark web may contain further information. To further advance protection, this work analyzes the dark web as Open Source Intelligence (OSINT) data source to complement current CTI information. The underlying assumption is that hackers use the dark web to exchange, develop, and share information and assets. This work aims to understand the structure of the dark web and identify the amount of its openly available CTI related information. We conducted a comprehensive literature review for dark web research and CTI. To follow this up we manually investigated and analyzed 65 dark web forum (DWF), 7 single-vendor shops, and 72 dark web marketplace (DWM). We documented the content and relevance of DWFs and DWMs for CTI, as well as challenges during the extraction and provide mitigations. During our investigation we identified IT security relevant information in both DWFs and DWMs, ranging from malware toolboxes to hacking-as-a-service. One of the most present challenges during our manual analysis were necessary interactions to access information and anti-crawling measures, i.e., CAPTCHAs. This analysis showed 88\% of marketplaces and 53\% of forums contained relevant data. Our complementary semi-automated analysis of 1,186,906 onion addresses indicates, that the necessary interaction makes it difficult to see the dark web as an open, but rather treat it as specialized information source, when clear web information does not suffice.},
journal = {IEEE Access},
author = {Kuehn, Philipp and Wittorf, Kyra and Reuter, Christian},
year = {2024},
keywords = {Student, Security, UsableSec, Projekt-CYWARN, Projekt-ATHENE-SecUrban, Ranking-CORE-A, Ranking-ImpactFactor},
pages = {118903--118922},
}
[BibTeX] [Abstract] [Download PDF]
Farm Management Information Systems (FMIS) are an important core component of modern farming companies as they allow, e.g., to document activities, create fertilization plans, and feed digital equipment with required data. Since the entire agricultural sector is an essential component of food production, high standards of resilience should be established in the involved companies. Accordingly, the used software should also be designed with high standards on reliability and crisis capability. Based on a literature review, we found that software for farmers with certain resilience needs is lacking. Thus, we designed and evaluated a new FMIS concept with the user-centered design method. By conducting focus groups (two rounds, total N=57) in 2017 and 2019, we raised specific front-end and back-end requirements of farmers. Based on the requirements, we developed our concept for both front- and back-end in terms of a decentralized and offline-working FMIS. Through the evaluation with practitioners (N=16) of the implemented concept, we derived findings and implications, highlighting the need for privacy, stability, and offline-capability, as well as the UI-requirement to be supportive, e.g., with easy to understand icons and terms.
@article{kuntke_geobox_2024,
title = {{GeoBox}: {Design} and {Evaluation} of a {Tool} for {Resilient} and {Decentralized} {Data} {Management} in {Agriculture}},
volume = {43},
issn = {0144-929X},
url = {https://peasec.de/paper/2023/2023_KuntkeKaufholdLinsnerReuter_GeoBox_BIT.pdf},
doi = {10.1080/0144929X.2023.2185747},
abstract = {Farm Management Information Systems (FMIS) are an important core component of modern farming companies as they allow, e.g., to document activities, create fertilization plans, and feed digital equipment with required data. Since the entire agricultural sector is an essential component of food production, high standards of resilience should be established in the involved companies. Accordingly, the used software should also be designed with high standards on reliability and crisis capability. Based on a literature review, we found that software for farmers with certain resilience needs is lacking. Thus, we designed and evaluated a new FMIS concept with the user-centered design method. By conducting focus groups (two rounds, total N=57) in 2017 and 2019, we raised specific front-end and back-end requirements of farmers. Based on the requirements, we developed our concept for both front- and back-end in terms of a decentralized and offline-working FMIS. Through the evaluation with practitioners (N=16) of the implemented concept, we derived findings and implications, highlighting the need for privacy, stability, and offline-capability, as well as the UI-requirement to be supportive, e.g., with easy to understand icons and terms.},
number = {4},
journal = {Behaviour \& Information Technology (BIT)},
author = {Kuntke, Franz and Kaufhold, Marc-André and Linsner, Sebastian and Reuter, Christian},
month = mar,
year = {2024},
note = {Publisher: Taylor \& Francis},
keywords = {Projekt-AgriRegio, Projekt-GeoBox, Security, UsableSec, A-Paper, AuswahlUsableSec, Selected, Ranking-CORE-A, Ranking-ImpactFactor},
pages = {764--786},
}
[BibTeX] [Abstract] [Download PDF]
Agriculture is experiencing continuous digitalization, with an increasing importance of data for the tools used. In contrast to other critical infrastructures, the average agricultural business has a small number of employees. The requirements for agricultural technology, its implementation and the regulations therefore differ from other critical infrastructures. The effects of current trends such as smart farming on the resilience of the sector and dependencies on other infrastructures remain unclear. But some aspects of agricultural digitalization must be viewed critically in order to avoid security risks in future: Products must have secure default settings and the need for cloud connectivity should be questioned more frequently – both for stronger security and resilience to infrastructure failures and the high need for data protection in agriculture. With the right developments, digitalization can not only be made secure, but also have a positive effect on the resilience and efficiency of farms.
@misc{kuntke_resilienz_2024,
title = {Resilienz in der digitalisierten {Landwirtschaft}: {Abhängigkeiten} deutscher landwirtschaftlicher {Betriebe} von {Kommunikations}- und {Energieinfrastruktur} im {Katastrophenschutz}},
url = {https://doi.org/10.5281/zenodo.12209183},
abstract = {Agriculture is experiencing continuous digitalization, with an increasing importance of data for the tools used.
In contrast to other critical infrastructures, the average agricultural business has a small number of employees. The requirements for agricultural technology, its implementation and the regulations therefore differ from other critical infrastructures. The effects of current trends such as smart farming on the resilience of the sector and dependencies on other infrastructures remain unclear. But some aspects of agricultural digitalization must be viewed critically in order to avoid security risks in future: Products must have secure default settings and the need for cloud connectivity should be questioned more frequently – both for stronger security and resilience to infrastructure failures and the high need for data protection in agriculture. With the right developments, digitalization can not only be made secure, but also have a positive effect on the resilience and efficiency of farms.},
urldate = {2024-04-15},
publisher = {emergenCITY Policy Paper No. 4},
author = {Kuntke, Franz and Reuter, Christian},
year = {2024},
doi = {10.5281/zenodo.12209183},
keywords = {Projekt-AgriRegio, Projekt-GeoBox, Projekt-ATHENE, Projekt-HyServ},
}
[BibTeX] [Abstract] [Download PDF]
In many scenarios users have to communicate sensitive data with third parties such as doctors, lawyers, insurance companies, social workers or online shops. Handing over personal data is necessary to use those services but the delegation of tasks to increase efficiency still poses the risk that personal data might be leaked. To minimize this risk and further enhance the privacy of users, we propose an interaction concept that uses layered encryption of messages to provide a trade-off between privacy and usability. Users can choose which data is additionally encrypted in an inner layer, say, for the eyes of their doctor only, and which data is available in an outer (encrypted or unencrypted) layer for all staff members. Another benefit is the hiding of sensitive data from package inspection or crawling algorithms over emails, while less critical parts can still be processed by these systems via the partial access. To investigate this concept, we derive relevant use cases for form-based communication over email from a quantitative pre-study with 1011 participants, showing that general practitioners are the most suitable use case. We developed demonstrators for this use case and evaluated them in a qualitative study with 42 participants. Our results show that the possibility of minimizing the propagation of sensitive data through additional encryption is highly appreciated and the usage of form-based communication is a promising approach for the digital transformation.
@article{linsner_decision-based_2024,
title = {Decision-based {Data} {Distribution} ({D}³): {Enabling} {Users} to {Minimize} {Data} {Propagation} in {Privacy}-sensitive {Scenarios}},
issn = {2299-0984},
url = {https://petsymposium.org/popets/2024/popets-2024-0113.php},
doi = {10.56553/popets-2024-0113},
abstract = {In many scenarios users have to communicate sensitive data with third parties such as doctors, lawyers, insurance companies, social workers or online shops. Handing over personal data is necessary to use those services but the delegation of tasks to increase efficiency still poses the risk that personal data might be leaked. To minimize this risk and further enhance the privacy of users, we propose an interaction concept that uses layered encryption of messages to provide a trade-off between privacy and usability. Users can choose which data is additionally encrypted in an inner layer, say, for the eyes of their doctor only, and which data is available in an outer (encrypted or unencrypted) layer for all staff members. Another benefit is the hiding of sensitive data from package inspection or crawling algorithms over emails, while less critical parts can still be processed by these systems via the partial access. To investigate this concept, we derive relevant use cases for form-based communication over email from a quantitative pre-study with 1011 participants, showing that general practitioners are the most suitable use case. We developed demonstrators for this use case and evaluated them in a qualitative study with 42 participants. Our results show that the possibility of minimizing the propagation of sensitive data through additional encryption is highly appreciated and the usage of form-based communication is a promising approach for the digital transformation.},
number = {4},
journal = {Proceedings on Privacy Enhancing Technologies (PoPETs)},
author = {Linsner, Sebastian and Demuth, Kilian and Fischlin, Marc and Reuter, Christian},
year = {2024},
keywords = {Security, UsableSec, HCI, Projekt-CROSSING, A-Paper, Selected, Projekt-ATHENE-PriVis, Ranking-CORE-A},
}
[BibTeX] [Abstract] [Download PDF]
Internet of Things (IoT) devices have become increasingly important within the smart home domain, making the security of the devices a critical aspect. The majority of IoT devices are black-box systems running closed and pre-installed firmware. This raises concerns about the trustworthiness of these devices, especially considering that some of them are shipped with a microphone or a camera. Remote attestation aims at validating the trustworthiness of these devices by verifying the integrity of the software. However, users cannot validate whether the attestation has actually taken place and has not been manipulated by an attacker, raising the need for HCI research on trust and understandability. We conducted a qualitative study with 35 participants, investigating trust in the attestation process and whether this trust can be improved by additional explanations in the application. We developed an application that allows users to attest a smart speaker using their smartphone over an audio channel to identify the attested device and observe the attestation process. In order to observe the differences between the applications with and without explanations, we performed A/B testing. We discovered that trust increases when additional explanations of the technical process are provided, improving the understanding of the attestation process.
@article{linsner_building_2024,
title = {Building {Trust} in {Remote} {Attestation} {Through} {Transparency} – {A} {Qualitative} {User} {Study} on {Observable} {Attestation}},
issn = {0144-929X},
url = {https://doi.org/10.1080/0144929X.2024.2374889},
doi = {10.1080/0144929X.2024.2374889},
abstract = {Internet of Things (IoT) devices have become increasingly important within the smart home domain, making the security of the devices a critical aspect. The majority of IoT devices are black-box systems running closed and pre-installed firmware. This raises concerns about the trustworthiness of these devices, especially considering that some of them are shipped with a microphone or a camera. Remote attestation aims at validating the trustworthiness of these devices by verifying the integrity of the software. However, users cannot validate whether the attestation has actually taken place and has not been manipulated by an attacker, raising the need for HCI research on trust and understandability. We conducted a qualitative study with 35 participants, investigating trust in the attestation process and whether this trust can be improved by additional explanations in the application. We developed an application that allows users to attest a smart speaker using their smartphone over an audio channel to identify the attested device and observe the attestation process. In order to observe the differences between the applications with and without explanations, we performed A/B testing. We discovered that trust increases when additional explanations of the technical process are provided, improving the understanding of the attestation process.},
journal = {Behaviour \& Information Technology (BIT)},
author = {Linsner, Sebastian and Demuth, Kilian and Surminski, Sebastian and Davi, Lucas and Reuter, Christian},
year = {2024},
note = {Publisher: Taylor \& Francis},
keywords = {Security, UsableSec, Projekt-CROSSING, A-Paper, Projekt-ATHENE-PriVis, Ranking-ImpactFactor},
pages = {1--21},
}
[BibTeX] [Abstract] [Download PDF]
Verification is one of the pillars of arms control and non-proliferation treaties as well as an important part of confidence building measures. It defines practical measures that enable treaty members to check the treaty compliance by observing, counting or moni-toring specific actions and their accordance with the respective rules. In contrast to his-torical examples of former military technologies, cyberspace features some unique char-acteristics making it hard to apply established measures. The chapter describes these peculiarities and assesses distinguishing problems compared to selected verification measures for nuclear, biological and chemicals weapons technology. Yet, cyberspace is a human-made domain and adjusting its technical setting, rules and principles may help to reduce the threat of ongoing militarisation. Offering some alternatives, the chapter elaborates on suitable and measurable parameters for this domain and presents potential-ly useful verification approaches.
@incollection{reinhold_verification_2024,
address = {Wiesbaden, Germany},
title = {Verification in {Cyberspace}},
url = {https://link.springer.com/chapter/10.1007/978-3-658-44810-3_11},
abstract = {Verification is one of the pillars of arms control and non-proliferation treaties as well as an important part of confidence building measures. It defines practical measures that enable treaty members to check the treaty compliance by observing, counting or moni-toring specific actions and their accordance with the respective rules. In contrast to his-torical examples of former military technologies, cyberspace features some unique char-acteristics making it hard to apply established measures. The chapter describes these peculiarities and assesses distinguishing problems compared to selected verification measures for nuclear, biological and chemicals weapons technology. Yet, cyberspace is a human-made domain and adjusting its technical setting, rules and principles may help to reduce the threat of ongoing militarisation. Offering some alternatives, the chapter elaborates on suitable and measurable parameters for this domain and presents potential-ly useful verification approaches.},
booktitle = {Information {Technology} for {Peace} and {Security} - {IT} {Applications} and {Infrastructures} in {Conflicts}, {Crises}, {War}, and {Peace}},
publisher = {Springer Vieweg},
author = {Reinhold, Thomas and Reuter, Christian},
editor = {Reuter, Christian},
year = {2024},
note = {https://doi.org/10.1007/978-3-658-44810-3\_11},
keywords = {Peace, Security, Projekt-CNTR},
}
[BibTeX] [Abstract] [Download PDF]
The encompassing trend of digitalisation and widespread dependencies on IT systems triggers adjustments also in the military forces. Besides necessary enhancements of IT security and defensive measures for cyberspace, a growing number of states are estab-lishing offensive military capabilities for this domain. Looking at historical develop-ments and transformations due to advancements in military technologies, the chapter discusses the political progress made and tools developed since. Both of these have con-tributed to handling challenges and confining threats to international security. With this background, the text assesses a possible application of these efforts to developments concerning cyberspace, as well as obstacles that need to be tackled for it to be success-ful. The chapter points out political advancements already in progress, the role of social initiatives, such as the cyber peace campaign of the Forum of Computer Scientists for Peace and Societal Responsibility (FifF), as well as potential consequences of the rising probability of cyber war as opposed to the prospects of cyber peace.
@incollection{reinhold_cyber_2024,
address = {Wiesbaden, Germany},
title = {From {Cyber} {War} to {Cyber} {Peace}},
url = {https://link.springer.com/chapter/10.1007/978-3-658-44810-3_7},
abstract = {The encompassing trend of digitalisation and widespread dependencies on IT systems triggers adjustments also in the military forces. Besides necessary enhancements of IT security and defensive measures for cyberspace, a growing number of states are estab-lishing offensive military capabilities for this domain. Looking at historical develop-ments and transformations due to advancements in military technologies, the chapter discusses the political progress made and tools developed since. Both of these have con-tributed to handling challenges and confining threats to international security. With this background, the text assesses a possible application of these efforts to developments concerning cyberspace, as well as obstacles that need to be tackled for it to be success-ful. The chapter points out political advancements already in progress, the role of social initiatives, such as the cyber peace campaign of the Forum of Computer Scientists for Peace and Societal Responsibility (FifF), as well as potential consequences of the rising probability of cyber war as opposed to the prospects of cyber peace.},
booktitle = {Information {Technology} for {Peace} and {Security} - {IT} {Applications} and {Infrastructures} in {Conflicts}, {Crises}, {War}, and {Peace}},
publisher = {Springer Vieweg},
author = {Reinhold, Thomas and Reuter, Christian},
editor = {Reuter, Christian},
year = {2024},
note = {https://doi.org/10.1007/978-3-658-44810-3\_7},
keywords = {Peace, Security, Projekt-CROSSING, Cyberwar, Projekt-CNTR},
}
[BibTeX] [Abstract] [Download PDF]
Arms control aims at preventing conflicts and fostering stability in inter-state relations by either reducing the probability of usage of a specific weapon or regulating its use and thus, reducing the costs of armament. Several approaches to arms control exist: limiting or reducing numbers of weapons and armed forces, disarmament (“down to zero”) or prohibiting certain weapons. To illustrate these further, this chapter elaborates on the necessity of arms control and presents some historical examples, including an overview of existing measures of arms control. Extrapolating from these, the general architecture of arms control regimes and the complex issue of establishing and verifying compliance with agreements will be discussed, not least with respect to cyberspace. Building on these theoretical considerations, the chapter presents important treaties and first approaches, including the Wassenaar Arrangement, the recommendations of the OSCE, and the UN GGE 2015.
@incollection{reuter_arms_2024,
address = {Wiesbaden},
title = {Arms {Control} and its {Applicability} to {Cyberspace}},
url = {https://link.springer.com/chapter/10.1007/978-3-658-44810-3_10},
abstract = {Arms control aims at preventing conflicts and fostering stability in inter-state relations by either reducing the probability of usage of a specific weapon or regulating its use and thus, reducing the costs of armament. Several approaches to arms control exist: limiting or reducing numbers of weapons and armed forces, disarmament (“down to zero”) or prohibiting certain weapons. To illustrate these further, this chapter elaborates on the necessity of arms control and presents some historical examples, including an overview of existing measures of arms control. Extrapolating from these, the general architecture of arms control regimes and the complex issue of establishing and verifying compliance with agreements will be discussed, not least with respect to cyberspace. Building on these theoretical considerations, the chapter presents important treaties and first approaches, including the Wassenaar Arrangement, the recommendations of the OSCE, and the UN GGE 2015.},
language = {en},
booktitle = {Information {Technology} for {Peace} and {Security} - {IT} {Applications} and {Infrastructures} in {Conflicts}, {Crises}, {War}, and {Peace}},
publisher = {Springer Fachmedien Wiesbaden},
author = {Reinhold, Thomas and Reuter, Christian},
editor = {Reuter, Christian},
year = {2024},
note = {https://doi.org/10.1007/978-3-658-44810-3\_10},
keywords = {Peace, Projekt-CNTR},
}
[BibTeX] [Abstract] [Download PDF]
As cyber weapons and artificial intelligence technologies share the same technological foundation of bits and bytes, there is a strong trend of connecting both, thus addressing the imminent challenge of cyber weapons of processing, filtering and aggregating huge amounts of digital data in real time into decisions and actions. This chapter (This chapter is based on the chapter “Cyber Weapons and Artificial Intelligence: Impact, Influence and the Challenges for Arms Control” by Thomas Reinhold and Christian Reuter, published in 2022 in “Armament, Arms Control and Artificial Intelligence: The Janus-faced Nature of Machine Learning in the Military Realm” by Thomas Reinhold and Niklas Schörnig (Editors).) will analyse this development and highlight the increasing tendency towards artificial intelligence enabled autonomous decisions in defensive as well as offensive cyber weapons, the arising additional challenges for attributing cyber attacks and the problems for developing arms control measures for this technology fusion. However, the chapter also ventures an outlook how artificial intelligence methods can help to mitigate these challenges if applied for arms control measures itself.
@incollection{reinhold_artificial_2024,
address = {Wiesbaden},
title = {Artificial {Intelligence} and {Cyber} {Weapons}},
isbn = {978-3-658-44810-3},
url = {https://link.springer.com/chapter/10.1007/978-3-658-44810-3_16},
abstract = {As cyber weapons and artificial intelligence technologies share the same technological foundation of bits and bytes, there is a strong trend of connecting both, thus addressing the imminent challenge of cyber weapons of processing, filtering and aggregating huge amounts of digital data in real time into decisions and actions. This chapter (This chapter is based on the chapter “Cyber Weapons and Artificial Intelligence: Impact, Influence and the Challenges for Arms Control” by Thomas Reinhold and Christian Reuter, published in 2022 in “Armament, Arms Control and Artificial Intelligence: The Janus-faced Nature of Machine Learning in the Military Realm” by Thomas Reinhold and Niklas Schörnig (Editors).) will analyse this development and highlight the increasing tendency towards artificial intelligence enabled autonomous decisions in defensive as well as offensive cyber weapons, the arising additional challenges for attributing cyber attacks and the problems for developing arms control measures for this technology fusion. However, the chapter also ventures an outlook how artificial intelligence methods can help to mitigate these challenges if applied for arms control measures itself.},
booktitle = {Information {Technology} for {Peace} and {Security}: {IT} {Applications} and {Infrastructures} in {Conflicts}, {Crises}, {War}, and {Peace}},
publisher = {Springer Fachmedien Wiesbaden},
author = {Reinhold, Thomas and Reuter, Christian},
editor = {Reuter, Christian},
year = {2024},
doi = {10.1007/978-3-658-44810-3_16},
pages = {335--349},
}
[BibTeX] [Abstract] [Download PDF]
Not only today, but also in the future information technology and the advances in the field of computer science will have a high relevance for peace and security. Naturally, a textbook like this can only cover a selective part of research and a certain point in time. Nonetheless, it can be attempted to identify trends, challenges and venture an outlook into the future. That is exactly what we want to achieve in this chapter: To predict fu-ture developments and try to classify them correctly. These considerations were made both by the editor and the authors involved alike. Therefore, an outlook based on fun-damentals, cyber conflicts and war, cyber peace, cyber arms control, infrastructures as well as social interaction is given.
@incollection{reuter_outlook_2024,
address = {Wiesbaden, Germany},
title = {Outlook: {The} {Future} of {IT} in {Peace} and {Security}},
url = {https://link.springer.com/chapter/10.1007/978-3-658-44810-3_22},
abstract = {Not only today, but also in the future information technology and the advances in the field of computer science will have a high relevance for peace and security. Naturally, a textbook like this can only cover a selective part of research and a certain point in time. Nonetheless, it can be attempted to identify trends, challenges and venture an outlook into the future. That is exactly what we want to achieve in this chapter: To predict fu-ture developments and try to classify them correctly. These considerations were made both by the editor and the authors involved alike. Therefore, an outlook based on fun-damentals, cyber conflicts and war, cyber peace, cyber arms control, infrastructures as well as social interaction is given.},
booktitle = {Information {Technology} for {Peace} and {Security} - {IT} {Applications} and {Infrastructures} in {Conflicts}, {Crises}, {War}, and {Peace}},
publisher = {Springer Vieweg},
author = {Reuter, Christian and Aal, Konstantin and Altmann, Jürgen and Bernhardt, Ute and Denker, Kai and Franken, Jonas and Gonsior, Anja-Liisa and Guntrum, Laura and Herrmann, Dominik and Hollick, Matthias and Katzenbeisser, Stefan and Kaufhold, Marc-André and Reinhold, Thomas and Riebe, Thea and Ruhmann, Ingo and Saalbach, Klaus-Peter and Schirch, Lisa and Schmid, Stefka and Schörnig, Niklas and Sunyaev, Ali and Wulf, Volker},
editor = {Reuter, Christian},
year = {2024},
note = {https://doi.org/10.1007/978-3-658-44810-3\_22},
keywords = {Peace, Security, Projekt-CROSSING},
}
[BibTeX] [Abstract] [Download PDF]
Technological and scientific progress, especially the rapid development in information technology (IT), plays a crucial role regarding questions of peace and security. This textbook addresses the significance, potentials and challenges of IT for peace and securi-ty. For this purpose, the book offers an introduction to peace, conflict, and security research, thereby focusing on natural science, technical and computer science perspec-tives. In the following, it sheds light on fundamentals (e.g. IT in peace, conflict and security, natural-science/technical peace research), cyber conflicts and war (e.g. infor-mation warfare, cyber espionage, cyber defence, Darknet), cyber peace (e.g. dual-use, technology assessment, confidence and security building measures), cyber arms control (e.g. arms control in the cyberspace, unmanned systems, verification), cyber attribution and infrastructures (e.g. attribution of cyber attacks, resilient infrastructures, secure critical information infrastructures), culture and interaction (e.g. safety and security, cultural violence, social media), before an outlook is given. This chapter provides an overview of all chapters in this book.
@incollection{reuter_overview_2024,
address = {Wiesbaden, Germany},
title = {An {Overview} and {Introduction} to {Information} {Technology} for {Peace} and {Security}},
url = {https://link.springer.com/chapter/10.1007/978-3-658-44810-3_1},
abstract = {Technological and scientific progress, especially the rapid development in information technology (IT), plays a crucial role regarding questions of peace and security. This textbook addresses the significance, potentials and challenges of IT for peace and securi-ty. For this purpose, the book offers an introduction to peace, conflict, and security research, thereby focusing on natural science, technical and computer science perspec-tives. In the following, it sheds light on fundamentals (e.g. IT in peace, conflict and security, natural-science/technical peace research), cyber conflicts and war (e.g. infor-mation warfare, cyber espionage, cyber defence, Darknet), cyber peace (e.g. dual-use, technology assessment, confidence and security building measures), cyber arms control (e.g. arms control in the cyberspace, unmanned systems, verification), cyber attribution and infrastructures (e.g. attribution of cyber attacks, resilient infrastructures, secure critical information infrastructures), culture and interaction (e.g. safety and security, cultural violence, social media), before an outlook is given. This chapter provides an overview of all chapters in this book.},
booktitle = {Information {Technology} for {Peace} and {Security} - {IT} {Applications} and {Infrastructures} in {Conflicts}, {Crises}, {War}, and {Peace}},
publisher = {Springer Vieweg},
author = {Reuter, Christian and Franken, Jonas and Gonsior, Anja-Liisa and Guntrum, Laura and Schmid, Stefka},
editor = {Reuter, Christian},
year = {2024},
note = {https://doi.org/10.1007/978-3-658-44810-3\_1},
keywords = {Peace, Security, Projekt-CROSSING},
}
[BibTeX] [Abstract] [Download PDF]
Conflicts in cyberspace do not longer constitute a fictional scenario of the future. To gain a better understanding of how such conflicts are carried out, interdisciplinary research and teaching building on both computer science and peace and security studies is indispensable. Even though numerous established courses and textbooks exist in some disciplines, this does not apply to their intersection. This chapter (This chapter has been published as a paper (in German): Reuter et al. (2022)) reflects on the introduction of the interdisciplinary course “Information Technology for Peace and Security” for students of Computer Science, IT Security and Information Systems at the Technical University of Darmstadt and Peace and Conflict Research at the TU Darmstadt in cooperation with Goethe University Frankfurt. The challenges and solutions of interdisciplinary teaching are presented while the importance of this type of teaching is assessed.
@incollection{reuter_teaching_2024,
address = {Wiesbaden, Germany},
title = {Teaching {Peace} {Informatics}: {Reflections} from {Lectures} and {Exercises}},
url = {https://link.springer.com/chapter/10.1007/978-3-658-44810-3_21},
abstract = {Conflicts in cyberspace do not longer constitute a fictional scenario of the future. To gain a better understanding of how such conflicts are carried out, interdisciplinary research and teaching building on both computer science and peace and security studies is indispensable. Even though numerous established courses and textbooks exist in some disciplines, this does not apply to their intersection. This chapter (This chapter has been published as a paper (in German): Reuter et al. (2022)) reflects on the introduction of the interdisciplinary course “Information Technology for Peace and Security” for students of Computer Science, IT Security and Information Systems at the Technical University of Darmstadt and Peace and Conflict Research at the TU Darmstadt in cooperation with Goethe University Frankfurt. The challenges and solutions of interdisciplinary teaching are presented while the importance of this type of teaching is assessed.},
booktitle = {Information {Technology} for {Peace} and {Security} - {IT} {Applications} and {Infrastructures} in {Conflicts}, {Crises}, {War}, and {Peace}},
publisher = {Springer Vieweg},
author = {Reuter, Christian and Riebe, Thea and Haunschild, Jasmin and Reinhold, Thomas and Schmid, Stefka},
editor = {Reuter, Christian},
year = {2024},
note = {https://doi.org/10.1007/978-3-658-44810-3\_21},
keywords = {Peace, Security, Infrastructure},
}
[BibTeX] [Abstract] [Download PDF]
Advances in science and technology play a crucial role in the context of peace, conflict and security. As information technology (IT) is becoming omnipresent, this includes both the resilience of IT infrastructures e.g. as a target in cases of conflict and the role of IT applications to prevent and manage conflicts, crises and disasters. This chapter is an introduction to IT and its role in war and peace, in conflicts and crises as well as in safety and security. Based on those connections a new field of research has emerged: IT peace research. It is introduced in this chapter which provides an overview of the inter-disciplinary concepts of peace, conflict and security. In addition, the research disciplines computer science and peace and conflict studies as the basis of IT peace research are explained. Moreover, the chapter focuses on the specific research topics of IT peace research and presents the institutionalised research landscape in Germany.
@incollection{reuter_peace_2024,
address = {Wiesbaden, Germany},
title = {Peace {Informatics}: {Bridging} {Peace} and {Conflict} {Studies} with {Computer} {Science}},
url = {https://link.springer.com/chapter/10.1007/978-3-658-44810-3_2},
abstract = {Advances in science and technology play a crucial role in the context of peace, conflict and security. As information technology (IT) is becoming omnipresent, this includes both the resilience of IT infrastructures e.g. as a target in cases of conflict and the role of IT applications to prevent and manage conflicts, crises and disasters. This chapter is an introduction to IT and its role in war and peace, in conflicts and crises as well as in safety and security. Based on those connections a new field of research has emerged: IT peace research. It is introduced in this chapter which provides an overview of the inter-disciplinary concepts of peace, conflict and security. In addition, the research disciplines computer science and peace and conflict studies as the basis of IT peace research are explained. Moreover, the chapter focuses on the specific research topics of IT peace research and presents the institutionalised research landscape in Germany.},
booktitle = {Information {Technology} for {Peace} and {Security} - {IT} {Applications} and {Infrastructures} in {Conflicts}, {Crises}, {War}, and {Peace}},
publisher = {Springer Vieweg},
author = {Reuter, Christian and Gonsior, Anja-Liisa and Riebe, Thea and Kaufhold, Marc-André},
editor = {Reuter, Christian},
year = {2024},
note = {https://doi.org/10.1007/978-3-658-44810-3\_2},
keywords = {Peace, Security, Infrastructure},
}
[BibTeX] [Abstract] [Download PDF]
Die Konferenz Science · Peace · Security ’23 fand vom 20. bis 22. September 2023 an der Technischen Universität Darmstadt statt. Sie widmete sich dem Wandel von Technologien, deren Rolle in Kriegen und Konflikten sowie Fragen der Rüstungskontrolle. Ausgerichtet wurde die englischsprachige Konferenz von TraCe, einem hessischen BMBF-Forschungsverbund zu Transformationen politischer Gewalt, vom DFG-Sonderforschungsbereich CROSSING zu kryptografiebasierten Sicherheitslösungen und vom Forschungsverbund Naturwissenschaft, Abrüstung und internationale Sicherheit FONAS. Der Krieg Russlands gegen die Ukraine macht die Bedeutung der Friedens- und Konfliktforschung und deren technische Dimension, unter anderem, offensichtlich. Bereits 2019 hat der Wissenschaftsrat als wichtigstes wissenschaftspolitisches Beratungsgremium in Deutschland seine Empfehlungen zur Weiterentwicklung der Friedens- und Konfliktforschung veröffentlicht. Darin weist er auf einen dringenden Handlungsbedarf zur Stärkung der naturwissenschaftlich-technischen Friedens- und Konfliktforschung hin. Die Konferenzreihe Science · Peace · Security möchte einen kleinen Beitrag dazu leisten. Sie wurde 2019 in Darmstadt gegründet, fand 2021 an der RWTH Aachen statt, und soll 2025 am Forschungszentrum Jülich stattfinden.
@techreport{reuter_technologie_2024,
address = {Wissenschaft und Frieden},
title = {{Technologie} und die {Transformation} {Politischer} {Gewalt}},
url = {http://www.peasec.de/paper/2024/2024_ReuterRiebeGuntrum_TechnologieTransformationPolitischeGewalt_WundF.pdf},
abstract = {Die Konferenz Science · Peace · Security ’23 fand vom 20. bis 22. September 2023 an der Technischen Universität Darmstadt statt. Sie widmete sich dem Wandel von Technologien, deren Rolle in Kriegen und Konflikten sowie Fragen der Rüstungskontrolle. Ausgerichtet wurde die englischsprachige Konferenz von TraCe, einem hessischen BMBF-Forschungsverbund zu Transformationen politischer Gewalt, vom DFG-Sonderforschungsbereich CROSSING zu kryptografiebasierten Sicherheitslösungen und vom Forschungsverbund Naturwissenschaft, Abrüstung und internationale Sicherheit FONAS.
Der Krieg Russlands gegen die Ukraine macht die Bedeutung der Friedens- und Konfliktforschung und deren technische Dimension, unter anderem, offensichtlich. Bereits 2019 hat der Wissenschaftsrat als wichtigstes wissenschaftspolitisches Beratungsgremium in Deutschland seine Empfehlungen zur Weiterentwicklung der Friedens- und Konfliktforschung veröffentlicht. Darin weist er auf einen dringenden Handlungsbedarf zur Stärkung der naturwissenschaftlich-technischen Friedens- und Konfliktforschung hin. Die Konferenzreihe Science · Peace · Security möchte einen kleinen Beitrag dazu leisten. Sie wurde 2019 in Darmstadt gegründet, fand 2021 an der RWTH Aachen statt, und soll 2025 am Forschungszentrum Jülich stattfinden.},
author = {Reuter, Christian and Riebe, Thea and Guntrum, Laura},
year = {2024},
keywords = {Peace, Projekt-TraCe},
}
[BibTeX] [Abstract] [Download PDF]
Fortschritte in Wissenschaft und Technik, besonders der Informatik, spielen im Kontext von Frieden und Sicherheit eine essenzielle Rolle. Der Lehrstuhl Wissenschaft und Technik für Frieden und Sicherheit (PEASEC) an der Technischen Universität Darmstadt verbindet Informatik mit Friedens-, Konflikt- und Sicherheitsforschung.
@techreport{reuter_informatik_2024,
address = {FIfF-Kommunikation},
title = {Informatik für den {Frieden}: {Perspektive} von {PEASEC} zu 40 {Jahren} {FIfF}},
url = {https://peasec.de/paper/2024/2024_Reuteretal_InformatikFuerFrieden_fiff.pdf},
abstract = {Fortschritte in Wissenschaft und Technik, besonders der Informatik, spielen im Kontext von Frieden und Sicherheit eine essenzielle Rolle. Der Lehrstuhl Wissenschaft und Technik für Frieden und Sicherheit (PEASEC) an der Technischen Universität Darmstadt verbindet Informatik mit Friedens-, Konflikt- und Sicherheitsforschung.},
author = {Reuter, Christian and Franken, Jonas and Reinhold, Thomas and Kuehn, Philipp and Kaufhold, Marc-André and Riebe, Thea and Hartwig, Katrin and Biselli, Tom and Schmid, Stefka and Guntrum, Laura and Haesler, Steffen},
year = {2024},
keywords = {Peace, Security},
}
[BibTeX] [Abstract] [Download PDF]
Technological and scientific progress, especially the rapid development in information technology (IT) and artificial intelligence (AI), plays a crucial role regarding questions of peace and security. This textbook, extended and updated in its second edition, addresses the significance, potential of IT, as well as the challenges it poses, with regard to peace and security. It introduces the reader to the concepts of peace, conflict, and security research, especially focusing on natural, technical and computer science perspectives. In the following sections, it sheds light on cyber conflicts, war and peace, cyber arms control, cyber attribution, infrastructures, artificial intelligence, as well ICT in peace and conflict.
@book{reuter_information_2024,
address = {Wiesbaden, Germany},
edition = {2},
title = {Information {Technology} for {Peace} and {Security} - {IT} {Applications} and {Infrastructures} in {Conflicts}, {Crises}, {War}, and {Peace}},
isbn = {978-3-658-44809-7},
url = {https://doi.org/10.1007/978-3-658-44810-3},
abstract = {Technological and scientific progress, especially the rapid development in information technology (IT) and artificial intelligence (AI), plays a crucial role regarding questions of peace and security. This textbook, extended and updated in its second edition, addresses the significance, potential of IT, as well as the challenges it poses, with regard to peace and security.
It introduces the reader to the concepts of peace, conflict, and security research, especially focusing on natural, technical and computer science perspectives. In the following sections, it sheds light on cyber conflicts, war and peace, cyber arms control, cyber attribution, infrastructures, artificial intelligence, as well ICT in peace and conflict.},
publisher = {Springer Vieweg},
author = {Reuter, Christian},
year = {2024},
keywords = {Peace, Projekt-TraCe, Security, Projekt-CROSSING, Selected, Cyberwar, AuswahlPeace, Infrastructure},
}
[BibTeX] [Abstract] [Download PDF]
Dual-use of IT is relevant to many applications and technology areas: how can we prevent, control or manage the risk of misuse of IT? How can dual-use awareness and regulation help to mitigate the risks to peace and security on the national and international levels? As cyberspace has been declared a military domain, IT is increasingly important for civil and military infrastructures. How can researchers, developers and decision-makers make sure that IT is not misused to cause harm? This has been discussed as the dual-use problem for nuclear, biological and chemical technologies. This chapter introduces different dual-use concepts and illustrates by considering cryptography, intrusion software, and artificial intelligence how governance measures, including export control, are applied. Further, approaches of technology assessment, with a focus on the design process, are presented. The chapter also provides insight into the implementation of dual-use assessment guidelines at TU Darmstadt, the so-called Civil Clause.
@incollection{riebe_dual-use_2024,
address = {Wiesbaden, Germany},
title = {Dual-{Use} {Information} {Technology}: {Research}, {Development} and {Governance}},
isbn = {978-3-658-25652-4},
url = {https://link.springer.com/chapter/10.1007/978-3-658-44810-3_8},
abstract = {Dual-use of IT is relevant to many applications and technology areas: how can we prevent, control or manage the risk of misuse of IT? How can dual-use awareness and regulation help to mitigate the risks to peace and security on the national and international levels? As cyberspace has been declared a military domain, IT is increasingly important for civil and military infrastructures. How can researchers, developers and decision-makers make sure that IT is not misused to cause harm? This has been discussed as the dual-use problem for nuclear, biological and chemical technologies. This chapter introduces different dual-use concepts and illustrates by considering cryptography, intrusion software, and artificial intelligence how governance measures, including export control, are applied. Further, approaches of technology assessment, with a focus on the design process, are presented. The chapter also provides insight into the implementation of dual-use assessment guidelines at TU Darmstadt, the so-called Civil Clause.},
booktitle = {Information {Technology} for {Peace} and {Security} - {IT} {Applications} and {Infrastructures} in {Conflicts}, {Crises}, {War}, and {Peace}},
publisher = {Springer Vieweg},
author = {Riebe, Thea and Schmid, Stefka and Reuter, Christian},
editor = {Reuter, Christian},
year = {2024},
note = {https://doi.org/10.1007/978-3-658-44810-3\_8},
keywords = {Peace},
}
[BibTeX] [Abstract]
The development of artificial intelligence and autonomous functions in the military domain has an immense impact on technologies being developed by the private defence industry. Defence firms contribute to the narratives and visions on autonomous weapon systems and the future of warfare, e.g. in the form of strategic marketing of their products. However, their role has so far been understudied, especially regarding autonomous weapon systems. As the normative debate revolves around aspects of human control, this work examines the narratives of (meaningful) human control in the marketing of autonomous military systems by defence manufacturers. Based on a comprehensive content analysis of twenty defence firms, we identified three main narratives, which envision autonomy as a military advantage, the role of the human in the future of warfare, and human-machine teaming. Based on the results, we argue that defence companies reproduce and adapt narratives which shape expectations and visions of human control of autonomous weapon systems in anticipation of emerging norms for (meaningful) human control. However, without specifications and verification mechanisms, there is no indication that human control will be meaningful.
@article{riebe_envisioning_2024,
title = {Envisioning {Human}-{Machine} {Interaction} in {Future} {Warfare}: {Defence} {Industry} {Narratives} on {Human} {Control} of {Autonomous} {Weapon} {Systems}},
abstract = {The development of artificial intelligence and autonomous functions in the military domain has an immense impact on technologies being developed by the private defence industry. Defence firms contribute to the narratives and visions on autonomous weapon systems and the future of warfare, e.g. in the form of strategic marketing of their products. However, their role has so far been understudied, especially regarding autonomous weapon systems. As the normative debate revolves around aspects of human control, this work examines the narratives of (meaningful) human control in the marketing of autonomous military systems by defence manufacturers. Based on a comprehensive content analysis of twenty defence firms, we identified three main narratives, which envision autonomy as a military advantage, the role of the human in the future of warfare, and human-machine teaming. Based on the results, we argue that defence companies reproduce and adapt narratives which shape expectations and visions of human control of autonomous weapon systems in anticipation of emerging norms for (meaningful) human control. However, without specifications and verification mechanisms, there is no indication that human control will be meaningful.},
journal = {Global Society},
author = {Riebe, Thea and Reuter, Christian and Gonsior, Anja-Liisa and Reichert, Lilian},
year = {2024},
keywords = {Peace, Projekt-TraCe, Student, HCI, Projekt-ATHENE-CyAware, A-Paper, Ranking-ImpactFactor, AuswahlPeace},
}
[BibTeX] [Abstract] [Download PDF]
In crises such as the COVID-19 pandemic, it is crucial to support users when dealing with social media content. Considering digital resilience, we propose a web app based on Social Network Analysis (SNA) to provide an overview of potentially misleading vs. non-misleading content on Twitter, which can be explored by users and enable foundational learning. The latter aims at systematically identifying thematic patterns which may be associated with misleading information. Additionally, it entails reflecting on indicators of misleading tweets which are proposed to approach classification of tweets. Paying special attention to non-expert users of social media, we conducted a two-step Think Aloud study for evaluation. While participants valued the opportunity to generate new knowledge and the diversity of the application, qualities such as equality and rapidity may be further improved. However, learning effects outweighed individual costs as all users were able to shift focus onto relevant features, such as hashtags, while readily pointing out content characteristics. Our design artifact connects to learning-oriented interventions regarding the spread of misleading information and tackles information overload by a SNA-based plug-in.
@article{schmid_digital_2024,
title = {Digital {Resilience} in {Dealing} with {Misinformation} on {Social} {Media} during {COVID}-19: {A} {Web} {Application} to {Assist} {Users} in {Crises}},
volume = {26},
issn = {1572-9419},
url = {https://doi.org/10.1007/s10796-022-10347-5},
doi = {10.1007/s10796-022-10347-5},
abstract = {In crises such as the COVID-19 pandemic, it is crucial to support users when dealing with social media content. Considering digital resilience, we propose a web app based on Social Network Analysis (SNA) to provide an overview of potentially misleading vs. non-misleading content on Twitter, which can be explored by users and enable foundational learning. The latter aims at systematically identifying thematic patterns which may be associated with misleading information. Additionally, it entails reflecting on indicators of misleading tweets which are proposed to approach classification of tweets. Paying special attention to non-expert users of social media, we conducted a two-step Think Aloud study for evaluation. While participants valued the opportunity to generate new knowledge and the diversity of the application, qualities such as equality and rapidity may be further improved. However, learning effects outweighed individual costs as all users were able to shift focus onto relevant features, such as hashtags, while readily pointing out content characteristics. Our design artifact connects to learning-oriented interventions regarding the spread of misleading information and tackles information overload by a SNA-based plug-in.},
number = {2},
journal = {Information Systems Frontiers (ISF)},
author = {Schmid, Stefka and Hartwig, Katrin and Cieslinski, Robert and Reuter, Christian},
month = apr,
year = {2024},
keywords = {Projekt-TraCe, Student, Crisis, A-Paper, Projekt-NEBULA},
pages = {477--499},
}
[BibTeX] [Abstract] [Download PDF]
Digital technology and smartphones provide great opportunities to support crisis response measures. During the COVID-19 pandemic, many countries introduced contact tracing apps (CTAs) to prevent the virus’s spread and identify infection clusters. Because wide acceptance is necessary for these apps to work, it has been a subject of research. Past research often highlighted the role of trust for acceptance and suggested that technical transparency by opening the source code can help to build trust. For this reason, we studied the acceptance of two German apps: the Corona-Warn-App (CWA), which was developed as open-source software early on, and the Luca app, which did not publish the source code initially. We conducted a multinomial logistic regression testing effects on the adoption of (1) only the CWA, (2) only the Luca app, or (3) both apps. As predictors, we considered the role of trust in the app publisher and the government and controlled for predictors relevant to past research. We found trust to have a significant effect on the acceptance of the apps. A self-reported understanding of the term “open-source software” and a perceived threat by COVID-19 had a positive effect for the Corona-Warn-App or both apps but not for the Luca app alone. Being from Eastern Germany lowered the acceptance of the Luca app or both apps. Our findings can add to previous CTA acceptance research and provide insights for policymakers for future digital crisis measures, especially for populations comparable to the German population regarding government trust and privacy attitudes.
@article{steinbrink_impact_2024,
title = {The {Impact} of {Transparency} and {Trust} on {User} {Acceptance} of {Contact} {Tracing} {Apps}: {Implications} for the {Adoption} of {Crisis} {Response} {Apps}},
issn = {2212-4209},
url = {https://www.sciencedirect.com/science/article/pii/S2212420924004230},
doi = {10.1016/j.ijdrr.2024.104661},
abstract = {Digital technology and smartphones provide great opportunities to support crisis response measures. During the COVID-19 pandemic, many countries introduced contact tracing apps (CTAs) to prevent the virus’s spread and identify infection clusters. Because wide acceptance is necessary for these apps to work, it has been a subject of research. Past research often highlighted the role of trust for acceptance and suggested that technical transparency by opening the source code can help to build trust. For this reason, we studied the acceptance of two German apps: the Corona-Warn-App (CWA), which was developed as open-source software early on, and the Luca app, which did not publish the source code initially. We conducted a multinomial logistic regression testing effects on the adoption of (1) only the CWA, (2) only the Luca app, or (3) both apps. As predictors, we considered the role of trust in the app publisher and the government and controlled for predictors relevant to past research. We found trust to have a significant effect on the acceptance of the apps. A self-reported understanding of the term “open-source software” and a perceived threat by COVID-19 had a positive effect for the Corona-Warn-App or both apps but not for the Luca app alone. Being from Eastern Germany lowered the acceptance of the Luca app or both apps. Our findings can add to previous CTA acceptance research and provide insights for policymakers for future digital crisis measures, especially for populations comparable to the German population regarding government trust and privacy attitudes.},
journal = {International Journal of Disaster Risk Reduction},
author = {Steinbrink, Enno and Reuter, Christian},
month = jul,
year = {2024},
keywords = {Crisis, HCI, A-Paper, Projekt-ATHENE-PriVis, Ranking-ImpactFactor, Projekt-GRKPrivacy},
pages = {104661},
}
2023
[BibTeX] [Abstract] [Download PDF]
A Design Science Artefact for Cyber Threat Detection and Actor Specific Communication
@article{bayer_multi-level_2023,
title = {Multi-{Level} {Fine}-{Tuning}, {Data} {Augmentation}, and {Few}-{Shot} {Learning} for {Specialized} {Cyber} {Threat} {Intelligence}},
issn = {0167-4048},
url = {https://peasec.de/paper/2023/2023_BayerFreyReuter_MultiLevelFineTuningForCyberThreatIntelligence_CS.pdf},
doi = {10.1016/j.cose.2023.103430},
abstract = {A Design Science Artefact for Cyber Threat Detection and Actor Specific Communication},
journal = {Computers \& Security},
author = {Bayer, Markus and Frey, Tobias and Reuter, Christian},
year = {2023},
keywords = {Student, Security, Projekt-CYWARN, Projekt-CROSSING, A-Paper, Projekt-ATHENE, Ranking-ImpactFactor},
}
[BibTeX] [Abstract] [Download PDF]
Data augmentation, the artificial creation of training data for machine learning by transformations, is a widely studied research field across machine learning disciplines. While it is useful for increasing a model’s generalization capabilities, it can also address many other challenges and problems, from overcoming a limited amount of training data, to regularizing the objective, to limiting the amount data used to protect privacy. Based on a precise description of the goals and applications of data augmentation and a taxonomy for existing works, this survey is concerned with data augmentation methods for textual classification and aims to provide a concise and comprehensive overview for researchers and practitioners. Derived from the taxonomy, we divide more than 100 methods into 12 different groupings and give state-of-the-art references expounding which methods are highly promising by relating them to each other. Finally, research perspectives that may constitute a building block for future work are provided.
@article{bayer_survey_2023,
title = {A {Survey} on {Data} {Augmentation} for {Text} {Classification}},
volume = {55},
url = {https://dl.acm.org/doi/pdf/10.1145/3544558},
doi = {10.1145/3544558},
abstract = {Data augmentation, the artificial creation of training data for machine learning by transformations, is a widely studied research field across machine learning disciplines. While it is useful for increasing a model's generalization capabilities, it can also address many other challenges and problems, from overcoming a limited amount of training data, to regularizing the objective, to limiting the amount data used to protect privacy. Based on a precise description of the goals and applications of data augmentation and a taxonomy for existing works, this survey is concerned with data augmentation methods for textual classification and aims to provide a concise and comprehensive overview for researchers and practitioners. Derived from the taxonomy, we divide more than 100 methods into 12 different groupings and give state-of-the-art references expounding which methods are highly promising by relating them to each other. Finally, research perspectives that may constitute a building block for future work are provided.},
number = {7},
journal = {ACM Computing Surveys (CSUR)},
author = {Bayer, Markus and Kaufhold, Marc-André and Reuter, Christian},
year = {2023},
keywords = {Crisis, Projekt-CYWARN, Projekt-emergenCITY, Projekt-ATHENE-SecUrban, A-Paper, AuswahlKaufhold, Ranking-CORE-A*, Selected, AuswahlCrisis, Ranking-ImpactFactor},
pages = {1--39},
}
[BibTeX] [Abstract] [Download PDF]
Landwirtschaft als essenzieller Teil der Nahrungsmittelproduktion gehört zu den kritischen Infrastrukturen (KRITIS). Dementsprechend müssen die eingesetzten Systeme für einen widerstandsfähigen Betrieb ausgelegt sein. Dies gilt auch für die auf landwirtschaftlichen Betrieben eingesetzte Software, die Sicherheits- und Resilienzkriterien genügen muss. Jedoch ist die Zunahme an Software zu beobachten, welche eine permanente Internetkonnektivität erfordert, d. h. eine stabile Verbindung zu Servern oder Cloud-Applikationen ist für deren Funktionsweise erforderlich. Dies stellt eine erhebliche Schwachstelle hinsichtlich der Resilienz dar und kann bei Ausfällen der Telekommunikationsinfrastruktur zu großen Problemen führen. Mit Entwicklungen aus dem Bereich Resilient Smart Farming (RSF) zeigen wir, wie Datenhaltung nach dem Offline-First-Prinzip gestaltet werden kann. Ein zentraler Bestandteil hierbei ist das Resilient Edge Computing (REC) und die entwickelte HofBox: ein Mini-Server, der das Datenmanagement im Betrieb übernimmt und mittels innovativer Open-Source basierender Container-Technologie (Open Horizon) umsetzt. Dadurch werden in Zukunft weitere Anwendungsfälle innerhalb der landwirtschaftlichen Produktions- und Wertschöpfungskette durch Public-Private-Partnership-Modelle realistisch und realisierbar.
@inproceedings{eberz-eder_prototypische_2023,
title = {Prototypische {Entwicklungen} zur {Umsetzung} des {Resilient} {Smart} {Farming} ({RSF}) mittels {Edge} {Computing}},
url = {https://dl.gi.de/handle/20.500.12116/40264},
abstract = {Landwirtschaft als essenzieller Teil der Nahrungsmittelproduktion gehört zu den kritischen Infrastrukturen (KRITIS). Dementsprechend müssen die eingesetzten Systeme für einen widerstandsfähigen Betrieb ausgelegt sein. Dies gilt auch für die auf landwirtschaftlichen Betrieben eingesetzte Software, die Sicherheits- und Resilienzkriterien genügen muss. Jedoch ist die Zunahme an Software zu beobachten, welche eine permanente Internetkonnektivität erfordert, d. h. eine stabile Verbindung zu Servern oder Cloud-Applikationen ist für deren Funktionsweise erforderlich. Dies stellt eine erhebliche Schwachstelle hinsichtlich der Resilienz dar und kann bei Ausfällen der Telekommunikationsinfrastruktur zu großen Problemen führen. Mit Entwicklungen aus dem Bereich Resilient Smart Farming (RSF) zeigen wir, wie Datenhaltung nach dem Offline-First-Prinzip gestaltet werden kann. Ein zentraler Bestandteil hierbei ist das Resilient Edge Computing (REC) und die entwickelte HofBox: ein Mini-Server, der das Datenmanagement im Betrieb übernimmt und mittels innovativer Open-Source basierender Container-Technologie (Open Horizon) umsetzt. Dadurch werden in Zukunft weitere Anwendungsfälle innerhalb der landwirtschaftlichen Produktions- und Wertschöpfungskette durch Public-Private-Partnership-Modelle realistisch und realisierbar.},
booktitle = {43. {GIL}-{Jahrestagung}: {Informatik} in der {Land}-, {Forst}- und {Ernährungswirtschaft}},
publisher = {Gesellschaft für Informatik},
author = {Eberz-Eder, Daniel and Kuntke, Franz and Brill, Gerwin and Bernardi, Ansgar and Wied, Christian and Nuderscher, Philippe and Reuter, Christian},
year = {2023},
keywords = {Projekt-AgriRegio, Projekt-GeoBox, RSF, Security, UsableSec},
pages = {309--314},
}
[BibTeX] [Abstract] [Download PDF]
Kritische Infrastrukturen sind häufig über Jahrzehnte gewachsene, komplexe Netze. Dennoch fehlt derzeit die historische Perspektive auf die Aufschichtungstendenzen von Technologien in den Sektoren, die für die Gesellschaft essenzielle Dienste bereitstellen. Ein besseres Verständnis von Ausbreitungs-, Ausbau-, Ersatz- und Ausmusterungsprozessen kann Entscheidungshilfe und Orientierung für resilientere Versorgungsnetzarchitekturen in der Zukunft geben. Kompatibilitätsprobleme mit Legacy-Soft- und Hardware sind bekannte Phänomene in vielen KRITIS-Einrichtungen. Entsprechend gewinnen Wissens- und Erfahrungstransfers bei zunehmend komplexen, dennoch über Jahrzehnte verwendete Technologien in landwirtschaftlichen Betrieben enorm an Bedeutung. Der Beitrag vollzieht die Konzeption und Fragestellungen eines interdisziplinären Forschungsprojekts nach, in welchem die Verwundbarkeit der kritischen Infrastruktursektoren Verkehr und Kommunikation im Rhein-Main-Gebiet analysiert wird. Von den Leistungen beider Sektoren hängt die digitale Landwirtschaft stark ab. Insbesondere rurale, beim digitalen und Schienennetzausbau häufig vernachlässigte Gebiete werden dabei mittels explorativer Interviewstudie und anschließender archivbasierter, quantitativer Überprüfung der zuvor generierten Hypothesen aus einer raum-zeitlichen und technischen Perspektive untersucht.
@incollection{franken_netz_2023,
address = {Bonn},
title = {Das {Netz} hat {Geschichte}: {Historisch}-technische {Analyse} der kritischen {Infrastrukturen} in der {Region} {Rhein}/{Main}},
url = {https://peasec.de/paper/2023/2023_FrankenZivkovicThiessenEngelsReuter_NetzGeschichte_GI.pdf},
abstract = {Kritische Infrastrukturen sind häufig über Jahrzehnte gewachsene, komplexe Netze. Dennoch fehlt derzeit die historische Perspektive auf die Aufschichtungstendenzen von Technologien in den Sektoren, die für die Gesellschaft essenzielle Dienste bereitstellen. Ein besseres Verständnis von Ausbreitungs-, Ausbau-, Ersatz- und Ausmusterungsprozessen kann Entscheidungshilfe und Orientierung für resilientere Versorgungsnetzarchitekturen in der Zukunft geben. Kompatibilitätsprobleme mit Legacy-Soft- und Hardware sind bekannte Phänomene in vielen KRITIS-Einrichtungen. Entsprechend gewinnen Wissens- und Erfahrungstransfers bei zunehmend komplexen, dennoch über Jahrzehnte verwendete Technologien in landwirtschaftlichen Betrieben enorm an Bedeutung. Der Beitrag vollzieht die Konzeption und Fragestellungen eines interdisziplinären Forschungsprojekts nach, in welchem die Verwundbarkeit der kritischen Infrastruktursektoren Verkehr und Kommunikation im Rhein-Main-Gebiet analysiert wird. Von den Leistungen beider Sektoren hängt die digitale Landwirtschaft stark ab. Insbesondere rurale, beim digitalen und Schienennetzausbau häufig vernachlässigte Gebiete werden dabei mittels explorativer Interviewstudie und anschließender archivbasierter, quantitativer Überprüfung der zuvor generierten Hypothesen aus einer raum-zeitlichen und technischen Perspektive untersucht.},
booktitle = {{INFORMATIK} 2023 - {Designing} {Futures}: {Zukünfte} gestalten},
publisher = {Gesellschaft für Informatik e. V.},
author = {Franken, Jonas and Zivkovic, Marco and Thiessen, Nadja and Engels, Jens Ivo and Reuter, Christian},
year = {2023},
doi = {10.18420/inf2023_159},
keywords = {Projekt-AgriRegio, Security, Projekt-emergenCITY, Projekt-ATHENE-SecUrban, Infrastructure},
pages = {1--6},
}
[BibTeX] [Download PDF]
@inproceedings{franken_internets_2023,
address = {Kiel},
title = {The {Internet}’s {Plumbing} {Consists} of {Garden} {Hoses}: {A} {Critical} {Analysis} of the {Advantages} and {Pitfalls} of {Metaphors} {Use} for {Critical} {Maritime} {Infrastructures}},
url = {https://peasec.de/paper/2023/2023_FrankenSchneiderReuter_MetaphernMarKRITIS_Dreizack23.pdf},
booktitle = {Dreizack 23},
publisher = {The Kiel Seapower Series},
author = {Franken, Jonas and Schneider, Franziska and Reuter, Christian},
editor = {Schilling, Henrik},
year = {2023},
keywords = {Peace, Projekt-AgriRegio, Security, Projekt-ATHENE-SecUrban, Projekt-NetzGeschichte},
pages = {1--8},
}
[BibTeX] [Download PDF]
@article{franken_buchrezension_2023,
title = {Buchrezension: {Stahlhut}, {Björn}/{Lammert}, {Martin} ({Hrsg}.): {Gesamtstaatliche} {Sicherheitsvorsorge} – gerüstet für den {Ernstfall}!?, 200 {S}., {BWV}, {Berlin} 2022.},
issn = {2197-6082},
url = {https://link.springer.com/article/10.1007/s42520-023-00496-5},
doi = {https://doi.org/10.1007/s42520-023-00496-5},
journal = {Neue Politische Literatur (NPL)},
author = {Franken, Jonas and Reuter, Christian},
year = {2023},
keywords = {Peace},
}
[BibTeX] [Download PDF]
@techreport{gonsior_friedensinformatik_2023,
title = {Friedensinformatik: heute und morgen},
url = {https://peasec.de/paper/2023/2023_GonsiorRiebeSchmidReinholdReuter_FriedensinformatikHeuteMorgen_WundF.pdf},
author = {Gonsior, Anja-Liisa and Riebe, Thea and Schmid, Stefka and Reinhold, Thomas and Reuter, Christian},
year = {2023},
keywords = {Peace},
pages = {34--37},
}
[BibTeX] [Abstract] [Download PDF]
Given the lack of empirical examples of how research can be conducted via digital means in sensitive contexts, this paper provides a threat model using Afghanistan, where the Taliban took power in August 2021, as an example. Both technical and non-technical research-related risks are analyzed, paying attention to research ethics, data security, and privacy. We argue that any threat model and risk analysis is highly context-dependent. Our analysis reveals that in certain research processes, human security does not necessarily coincide with data security and that an ambivalence exists between privacy and usability. In addition to the concrete threat analysis, the paper identifies some general technical solutions (e.g., encryption methods, communication software) for different research steps to foster secure and ethically justifiable research.
@article{guntrum_using_2023,
title = {Using {Digitally} {Mediated} {Methods} in {Sensitive} {Contexts}: {A} {Threat} {Analysis} and {Critical} {Reflection} on {Security}, {Privacy}, and {Ethical} {Concerns} in the {Case} of {Afghanistan}},
volume = {11},
issn = {2524-6976},
url = {https://link.springer.com/article/10.1007/s42597-022-00088-2},
doi = {10.1007/s42597-022-00088-2},
abstract = {Given the lack of empirical examples of how research can be conducted via digital means in sensitive contexts, this paper provides a threat model using Afghanistan, where the Taliban took power in August 2021, as an example. Both technical and non-technical research-related risks are analyzed, paying attention to research ethics, data security, and privacy. We argue that any threat model and risk analysis is highly context-dependent. Our analysis reveals that in certain research processes, human security does not necessarily coincide with data security and that an ambivalence exists between privacy and usability. In addition to the concrete threat analysis, the paper identifies some general technical solutions (e.g., encryption methods, communication software) for different research steps to foster secure and ethically justifiable research.},
number = {2},
journal = {Zeitschrift für Friedens- und Konfliktforschung (ZeFKo)},
author = {Guntrum, Laura and Güldenring, Benjamin and Kuntke, Franz and Reuter, Christian},
month = oct,
year = {2023},
keywords = {Peace, Projekt-TraCe, Projekt-ATHENE-FANCY},
pages = {95--128},
}
[BibTeX] [Abstract] [Download PDF]
The article examines which technical aspects of autonomous driving are potentially transferable to the military sector. Through expert interviews the strong fragmentation of technologies in the field of autonomous driving becomes apparent. This hinders the clear identification of a specific dual-use technology. Environmental perception, artificial intelligence and sensors are considered to have the highest transferability rate from civil research to the military sector. Therefore, sensor development should receive special attention.
@article{guntrum_dual-use_2023,
title = {Dual-{Use} {Technologies} in the {Context} of {Autonomous} {Driving}: {An} {Empirical} {Case} {Study} {From} {Germany}},
issn = {1866-2196},
url = {https://doi.org/10.1007/s12399-022-00935-3},
doi = {10.1007/s12399-022-00935-3},
abstract = {The article examines which technical aspects of autonomous driving are potentially transferable to the military sector. Through expert interviews the strong fragmentation of technologies in the field of autonomous driving becomes apparent. This hinders the clear identification of a specific dual-use technology. Environmental perception, artificial intelligence and sensors are considered to have the highest transferability rate from civil research to the military sector. Therefore, sensor development should receive special attention.},
journal = {Zeitschrift für Außen- und Sicherheitspolitik (ZfAS)},
author = {Guntrum, Laura and Schwartz, Sebastian and Reuter, Christian},
month = jan,
year = {2023},
keywords = {Peace, Projekt-TraCe, Projekt-ATHENE-SecUrban},
}
[BibTeX] [Abstract] [Download PDF]
About half a billion households are expected to use smart home systems by 2025. Although many IoT sensors, such as smoke detectors or security cameras, are available and governmental crisis warning systems are in place, little is known about how to warn appropriately in smart home environments. We created a Raspberry Pi based prototype with a speaker, a display, and a connected smart light bulb. Together with a focus group, we developed a taxonomy for warning messages in smart home environments, dividing them into five classes with different stimuli. We evaluated the taxonomy using the Experience Sampling Method (ESM) in a field study at participants‘ (N = 13) homes testing 331 warnings. The results show that taxonomy-based warning stimuli are perceived to be appropriate and participants could imagine using such a warning system. We propose a deeper integration of warning capabilities into smart home environments to enhance the safety of citizens.
@inproceedings{haesler_getting_2023,
address = {New York, NY, USA},
series = {{DIS} '23},
title = {Getting the {Residents}' {Attention}: {The} {Perception} of {Warning} {Channels} in {Smart} {Home} {Warning} {Systems}},
isbn = {978-1-4503-9893-0},
url = {https://peasec.de/paper/2023/2023_HaeslerWendelbornReuter_SmartHomeWarningSystems_DIS},
doi = {10.1145/3563657.3596076},
abstract = {About half a billion households are expected to use smart home systems by 2025. Although many IoT sensors, such as smoke detectors or security cameras, are available and governmental crisis warning systems are in place, little is known about how to warn appropriately in smart home environments. We created a Raspberry Pi based prototype with a speaker, a display, and a connected smart light bulb. Together with a focus group, we developed a taxonomy for warning messages in smart home environments, dividing them into five classes with different stimuli. We evaluated the taxonomy using the Experience Sampling Method (ESM) in a field study at participants' (N = 13) homes testing 331 warnings. The results show that taxonomy-based warning stimuli are perceived to be appropriate and participants could imagine using such a warning system. We propose a deeper integration of warning capabilities into smart home environments to enhance the safety of citizens.},
booktitle = {Proceedings of the {ACM} {Designing} {Interactive} {Systems} {Conference} ({DIS})},
publisher = {Association for Computing Machinery},
author = {Haesler, Steffen and Wendelborn, Marc and Reuter, Christian},
year = {2023},
note = {event-place: Pittsburgh, PA, USA},
keywords = {Student, Crisis, HCI, Projekt-emergenCITY, Projekt-ATHENE-SecUrban, A-Paper, Ranking-CORE-A},
pages = {1114--1127},
}
[BibTeX] [Abstract] [Download PDF]
The importance of dealing with fake newsfake news has increased in both political and social contexts: While existing studies mainly focus on how to detect and label fake news, approaches to help users make their own assessments are largely lacking. This article presents existing black-boxblack box and white-boxwhite box approaches and compares advantages and disadvantages. In particular, white-box approaches show promise in counteracting reactance, while black-box approaches detect fake news with much greater accuracy. We also present the browser plugin TrustyTweetTrustyTweet, which we developed to help users evaluate tweets on Twitter by displaying politically neutral and intuitive warnings without generating reactance.
@incollection{hartwig_countering_2023,
address = {Wiesbaden},
title = {Countering {Fake} {News} {Technically} – {Detection} and {Countermeasure} {Approaches} to {Support} {Users}},
isbn = {978-3-658-40406-2},
url = {https://peasec.de/paper/2023/2023_HartwigReuter_CounteringFakeNews_TruthFakePostTruth.pdf},
abstract = {The importance of dealing with fake newsfake news has increased in both political and social contexts: While existing studies mainly focus on how to detect and label fake news, approaches to help users make their own assessments are largely lacking. This article presents existing black-boxblack box and white-boxwhite box approaches and compares advantages and disadvantages. In particular, white-box approaches show promise in counteracting reactance, while black-box approaches detect fake news with much greater accuracy. We also present the browser plugin TrustyTweetTrustyTweet, which we developed to help users evaluate tweets on Twitter by displaying politically neutral and intuitive warnings without generating reactance.},
booktitle = {Truth and {Fake} in the {Post}-{Factual} {Digital} {Age}: {Distinctions} in the {Humanities} and {IT} {Sciences}},
publisher = {Springer Fachmedien Wiesbaden},
author = {Hartwig, Katrin and Reuter, Christian},
editor = {Klimczak, Peter and Zoglauer, Thomas},
year = {2023},
doi = {10.1007/978-3-658-40406-2_7},
keywords = {Crisis, HCI, Projekt-CROSSING, Projekt-ATHENE, SocialMedia},
pages = {131--147},
}
[BibTeX] [Abstract] [Download PDF]
The digitalisation of critical infrastructure has increased the risk of large-scale cyber incidents. In contrast to the management of conventional emergencies by established civil protection organisations involving volunteers in Germany, few response capacities exist for these events. The concept of a volunteer force for cyber security could close this protection gap. However, such involvement also poses practical and ethical challenges. By conducting interviews with computer science students (N = 11), this paper analyses potential volunteers’ attitudes towards ethical implications of a cyber volunteer force, as well as practical aspects that might motivate or hinder their participation. A qualitative content analysis reveals that students are largely unaware of potential dilemmas connected to vulnerabilities handling and national cybersecurity interests. Ethical guidelines and means of motivating and encouraging potential volunteers are discussed.
@incollection{haunschild_dual-use_2023,
title = {Dual-use in volunteer operations? {Attitudes} of computer science students regarding the establishment of a cyber security volunteer force},
isbn = {978-83-66675-89-6},
url = {https://sciendo.com/chapter/9788366675896/10.2478/9788366675896-006},
abstract = {The digitalisation of critical infrastructure has increased the risk of large-scale cyber incidents. In contrast to the management of conventional emergencies by established civil protection organisations involving volunteers in Germany, few response capacities exist for these events. The concept of a volunteer force for cyber security could close this protection gap. However, such involvement also poses practical and ethical challenges. By conducting interviews with computer science students (N = 11), this paper analyses potential volunteers’ attitudes towards ethical implications of a cyber volunteer force, as well as practical aspects that might motivate or hinder their participation. A qualitative
content analysis reveals that students are largely unaware of potential dilemmas connected to vulnerabilities handling and national cybersecurity interests. Ethical guidelines and means of motivating and encouraging potential volunteers
are discussed.},
booktitle = {International {Symposium} on {Technikpsychologie} ({TecPsy})},
publisher = {Sciendo},
author = {Haunschild, Jasmin and Jung, Leon and Reuter, Christian},
editor = {Nina, Gerber and Zimmermann, Verena},
year = {2023},
keywords = {Student, Security, UsableSec, Crisis, Projekt-emergenCITY, Projekt-ATHENE-SecUrban},
pages = {66--81},
}
[BibTeX] [Abstract] [Download PDF]
Warning apps are used by many to receive warnings about imminent disasters. However, their potential for increasing awareness about general hazards and for increasing preparedness is currently underused. With a mixed-method design that includes a representative survey of the German population, a design workshop and an app evaluation experiment, this study investigates users’ preferences regarding non-acute preparedness alerts’ inclusion in crisis apps and the effectiveness of Nudging in this context. The experiment shows that while the social influence nudge had no significant effect compared to the control group without a nudging condition, the confrontational nudge increased the number of taken recommended preparedness measures. The evaluation indicates that the preparedness alerts increased users’ knowledge and their motivation to use a warning app. This motivation is, in contrast, decreased when the messages are perceived as a disruption. While many oppose push notifications, favor finding persuasively designed preparedness advice in a separate menu or as an optional notification.
@article{haunschild_preparedness_2023,
title = {Preparedness {Nudging} for {Warning} {Apps}? {A} {Mixed}-{Method} {Study} {Investigating} {Popularity} and {Effects} of {Preparedness} {Alerts} in {Warning} {Apps}},
volume = {172},
issn = {1071-5819},
url = {https://peasec.de/paper/2023/2023_HaunschildPauliReuter_NudgingWarningApps_IJHCS.pdf},
doi = {https://doi.org/10.1016/j.ijhcs.2023.102995},
abstract = {Warning apps are used by many to receive warnings about imminent disasters. However, their potential for increasing awareness about general hazards and for increasing preparedness is currently underused. With a mixed-method design that includes a representative survey of the German population, a design workshop and an app evaluation experiment, this study investigates users’ preferences regarding non-acute preparedness alerts’ inclusion in crisis apps and the effectiveness of Nudging in this context. The experiment shows that while the social influence nudge had no significant effect compared to the control group without a nudging condition, the confrontational nudge increased the number of taken recommended preparedness measures. The evaluation indicates that the preparedness alerts increased users’ knowledge and their motivation to use a warning app. This motivation is, in contrast, decreased when the messages are perceived as a disruption. While many oppose push notifications, favor finding persuasively designed preparedness advice in a separate menu or as an optional notification.},
journal = {International Journal on Human-Computer Studies (IJHCS)},
author = {Haunschild, Jasmin and Pauli, Selina and Reuter, Christian},
year = {2023},
keywords = {Student, Crisis, Projekt-emergenCITY, Projekt-ATHENE-SecUrban, A-Paper, Selected, AuswahlCrisis, Ranking-ImpactFactor},
pages = {102995},
}
[BibTeX] [Abstract] [Download PDF]
The use of social media today is not only ubiquitous and an integral part of everyday life but is also increasingly relevant before, during, or after emergencies. Data produced in these contexts, such as situational updates and multimedia content, is disseminated across different social media platforms and can be leveraged by various actors, including emergency services or volunteer communities. However, the dissemination of several thousand or even millions of messages during large-scale emergencies confronts analysts with challenges of information quality and overload. Hence, crisis informatics as a research domain seeks to explore and develop systems that support the collection, analysis, and dissemination of valuable social media information in emergencies. This chapter presents the social media API (SMA), which is a multi-platform service for gathering big social data across different social media channels and analyzing the credibility and relevance of collected data by the means of machine learning models. Based on the lessons learned from both the implementation process and user-centered evaluations in multiple emergency settings, this chapter discusses core challenges and potentials of the SMA and similar services, focusing on (1) the multi-platform gathering and management of data, (2) the mitigation of information overload by relevance assessment and message grouping, (3) the assessment of credibility and information quality, and (4) user-centered tailorability and adjustable data operations.
@incollection{kaufhold_big_2023,
address = {Singapore},
title = {Big {Data} and {Multi}-platform {Social} {Media} {Services} in {Disaster} {Management}},
isbn = {978-981-16-8800-3},
url = {https://peasec.de/paper/2023/2023_KaufholdReuterLudwig_BigDataMultiPlatformSocialMediaDisaster_HandbookDisaster.pdf},
abstract = {The use of social media today is not only ubiquitous and an integral part of everyday life but is also increasingly relevant before, during, or after emergencies. Data produced in these contexts, such as situational updates and multimedia content, is disseminated across different social media platforms and can be leveraged by various actors, including emergency services or volunteer communities. However, the dissemination of several thousand or even millions of messages during large-scale emergencies confronts analysts with challenges of information quality and overload. Hence, crisis informatics as a research domain seeks to explore and develop systems that support the collection, analysis, and dissemination of valuable social media information in emergencies. This chapter presents the social media API (SMA), which is a multi-platform service for gathering big social data across different social media channels and analyzing the credibility and relevance of collected data by the means of machine learning models. Based on the lessons learned from both the implementation process and user-centered evaluations in multiple emergency settings, this chapter discusses core challenges and potentials of the SMA and similar services, focusing on (1) the multi-platform gathering and management of data, (2) the mitigation of information overload by relevance assessment and message grouping, (3) the assessment of credibility and information quality, and (4) user-centered tailorability and adjustable data operations.},
booktitle = {International {Handbook} of {Disaster} {Research}},
publisher = {Springer Nature Singapore},
author = {Kaufhold, Marc-André and Reuter, Christian and Ludwig, Thomas},
editor = {Singh, Amita},
year = {2023},
keywords = {Crisis, HCI, Projekt-CYWARN, Projekt-emergenCITY, Projekt-KOKOS},
pages = {1--21},
}
[BibTeX] [Abstract] [Download PDF]
Despite the merits of public and social media in private and professional spaces, citizens and professionals are increasingly exposed to cyberabuse, such as cyberbullying and hate speech. Thus, Law Enforcement Agencies (LEA) are deployed in many countries and organisations to enhance the preventive and reactive capabilities against cyberabuse. However, their tasks are getting more complex by the increasing amount and varying quality of information disseminated into public channels. Adopting the perspectives of Crisis Informatics and safety-critical Human-Computer Interaction (HCI) and based on both a narrative literature review and group discussions, this paper first outlines the research agenda of the CYLENCE project, which seeks to design strategies and tools for cross-media reporting, detection, and treatment of cyberbullying and hatespeech in investigative and law enforcement agencies. Second, it identifies and elaborates seven research challenges with regard to the monitoring, analysis and communication of cyberabuse in LEAs, which serve as a starting point for in-depth research within the project.
@inproceedings{kaufhold_cylence_2023,
address = {Rapperswil, Switzerland},
title = {{CYLENCE}: {Strategies} and {Tools} for {Cross}-{Media} {Reporting}, {Detection}, and {Treatment} of {Cyberbullying} and {Hatespeech} in {Law} {Enforcement} {Agencies}},
url = {https://dl.gi.de/items/0e0efe8f-64bf-400c-85f7-02b65f83189d},
doi = {10.18420/muc2023-mci-ws01-211},
abstract = {Despite the merits of public and social media in private and professional spaces, citizens and professionals are increasingly exposed to cyberabuse, such as cyberbullying and hate speech. Thus, Law Enforcement Agencies (LEA) are deployed in many countries and organisations to enhance the preventive and reactive capabilities against cyberabuse. However, their tasks are getting more complex by the increasing amount and varying quality of information disseminated into public channels. Adopting the perspectives of Crisis Informatics and safety-critical Human-Computer Interaction (HCI) and based on both a narrative literature review and group discussions, this paper first outlines the research agenda of the CYLENCE project, which seeks to design strategies and tools for cross-media reporting, detection, and treatment of cyberbullying and hatespeech in investigative and law enforcement agencies. Second, it identifies and elaborates seven research challenges with regard to the monitoring, analysis and communication of cyberabuse in LEAs, which serve as a starting point for in-depth research within the project.},
language = {de},
booktitle = {Mensch und {Computer} 2023 - {Workshopband}},
publisher = {Gesellschaft für Informatik e.V.},
author = {Kaufhold, Marc-André and Bayer, Markus and Bäumler, Julian and Reuter, Christian and Stieglitz, Stefan and Basyurt, Ali Sercan and Mirabaie, Milad and Fuchß, Christoph and Eyilmez, Kaan},
year = {2023},
keywords = {UsableSec, HCI, Projekt-CYLENCE},
}
[BibTeX] [Abstract] [Download PDF]
Im Zentrum dieses Workshops steht die Interaktion von Mensch und Technik in sicherheitskritischen Kontexten. Hierzu zählen Bereiche, die bereits seit Jahrzehnten Gegenstand der Forschung sind (z.B. Prozessführung in Leitwarten), aber auch aktuelle Herausforderungen (z.B. Social Media im Katastrophenschutz). In diesen und vielen weiteren Bereichen gilt, dass sichere Systemzustände nur durch die ganzheitliche Betrachtung von Mensch, Technik und Organisation gewährleistet bzw. schnellstmöglich wieder erreicht werden können. In diesem Zusammenhang ist der Workshop auch der Nutzbarkeit und Akzeptanz von Sicherheitskonzepten sowie einer bewussteren Auseinandersetzung der Nutzenden mit diesem Thema gewidmet.
@inproceedings{kaufhold_10_2023,
address = {Rapperswil, Switzerland},
title = {10. {Workshop} {Mensch}-{Maschine}-{Interaktion} in sicherheitskritischen {Systemen}},
url = {https://dl.gi.de/items/d907ac5d-4c73-467d-adfc-4bafdb8b4cf0},
doi = {10.18420/muc2023-mci-ws01-102},
abstract = {Im Zentrum dieses Workshops steht die Interaktion von Mensch und Technik in sicherheitskritischen Kontexten. Hierzu zählen Bereiche, die bereits seit Jahrzehnten Gegenstand der Forschung sind (z.B. Prozessführung in Leitwarten), aber auch aktuelle Herausforderungen (z.B. Social Media im Katastrophenschutz). In diesen und vielen weiteren Bereichen gilt, dass sichere Systemzustände nur durch die ganzheitliche Betrachtung von Mensch, Technik und Organisation gewährleistet bzw. schnellstmöglich wieder erreicht werden können. In diesem Zusammenhang ist der Workshop auch der Nutzbarkeit und Akzeptanz von Sicherheitskonzepten sowie einer bewussteren Auseinandersetzung der Nutzenden mit diesem Thema gewidmet.},
language = {de},
booktitle = {Mensch und {Computer} 2023 - {Workshopband}},
publisher = {Gesellschaft für Informatik e.V.},
author = {Kaufhold, Marc-André and Mentler, Tilo and Nestler, Simon and Reuter, Christian},
year = {2023},
keywords = {Security, UsableSec, HCI},
}
[BibTeX] [Abstract] [Download PDF]
Publicly available information contains valuable information for Cyber Threat Intelligence (CTI). This can be used to prevent attacks that have already taken place on other systems. Ideally, only the initial attack succeeds and all subsequent ones are detected and stopped. But while there are different standards to exchange this information, a lot of it is shared in articles or blog posts in non-standardized ways. Manually scanning through multiple online portals and news pages to discover new threats and extracting them is a time-consuming task. To automize parts of this scanning process, multiple papers propose extractors that use Natural Language Processing (NLP) to extract Indicators of Compromise (IOCs) from documents. However, while this already solves the problem of extracting the information out of documents, the search for these documents is rarely considered. In this paper, a new focused crawler is proposed called ThreatCrawl, which uses Bidirectional Encoder Representations from Transformers (BERT)-based models to classify documents and adapt its crawling path dynamically. While ThreatCrawl has difficulties to classify the specific type of Open Source Intelligence (OSINT) named in texts, e.g., IOC content, it can successfully find relevant documents and modify its path accordingly. It yields harvest rates of up to 52\%, which are, to the best of our knowledge, better than the current state of the art.
@techreport{kuehn_threatcrawl_2023,
title = {{ThreatCrawl}: {A} {BERT}-based {Focused} {Crawler} for the {Cybersecurity} {Domain}},
shorttitle = {{ThreatCrawl}},
url = {http://arxiv.org/abs/2304.11960},
abstract = {Publicly available information contains valuable information for Cyber Threat Intelligence (CTI). This can be used to prevent attacks that have already taken place on other systems. Ideally, only the initial attack succeeds and all subsequent ones are detected and stopped. But while there are different standards to exchange this information, a lot of it is shared in articles or blog posts in non-standardized ways. Manually scanning through multiple online portals and news pages to discover new threats and extracting them is a time-consuming task. To automize parts of this scanning process, multiple papers propose extractors that use Natural Language Processing (NLP) to extract Indicators of Compromise (IOCs) from documents. However, while this already solves the problem of extracting the information out of documents, the search for these documents is rarely considered. In this paper, a new focused crawler is proposed called ThreatCrawl, which uses Bidirectional Encoder Representations from Transformers (BERT)-based models to classify documents and adapt its crawling path dynamically. While ThreatCrawl has difficulties to classify the specific type of Open Source Intelligence (OSINT) named in texts, e.g., IOC content, it can successfully find relevant documents and modify its path accordingly. It yields harvest rates of up to 52\%, which are, to the best of our knowledge, better than the current state of the art.},
number = {arXiv:2304.11960},
urldate = {2023-04-27},
institution = {arXiv},
author = {Kuehn, Philipp and Schmidt, Mike and Bayer, Markus and Reuter, Christian},
month = apr,
year = {2023},
note = {arXiv:2304.11960 [cs]},
keywords = {Student, Security, Projekt-CYWARN, Projekt-ATHENE-SecUrban},
}
[BibTeX] [Abstract] [Download PDF]
The number of newly published vulnerabilities is constantly increasing. Until now, the information available when a new vulnerability is published is manually assessed by experts using a ()cvss vector and score. This assessment is time consuming and requires expertise. Various works already try to predict vectors or scores using machine learning based on the textual descriptions of the vulnerability to enable faster assessment. However, for this purpose, previous works only use the texts available in databases such as nvd. With this work, the publicly available web pages referenced in the nvd are analyzed and made available as sources of texts through web scraping. A dl based method for predicting the vector is implemented and evaluated. The present work provides a classification of the nvd’s reference texts based on the suitability and crawlability of their texts. While we identified the overall influence of the additional texts is negligible, we outperformed the state-of-the-art with our dl prediction models.
@article{kuehn_common_2023,
title = {Common vulnerability scoring system prediction based on open source intelligence information sources},
url = {https://peasec.de/paper/2023/2023_KuehnRelkeReuter_CommonVulnerabilityScoringSystemOSINT_CompSec.pdf},
doi = {10.1016/j.cose.2023.103286},
abstract = {The number of newly published vulnerabilities is constantly increasing. Until now, the information available when a new vulnerability is published is manually assessed by experts using a ()cvss vector and score. This assessment is time consuming and requires expertise. Various works already try to predict vectors or scores using machine learning based on the textual descriptions of the vulnerability to enable faster assessment. However, for this purpose, previous works only use the texts available in databases such as nvd. With this work, the publicly available web pages referenced in the nvd are analyzed and made available as sources of texts through web scraping. A dl based method for predicting the vector is implemented and evaluated. The present work provides a classification of the nvd’s reference texts based on the suitability and crawlability of their texts. While we identified the overall influence of the additional texts is negligible, we outperformed the state-of-the-art with our dl prediction models.},
journal = {Computers \& Security},
author = {Kuehn, Philipp and Relke, David N. and Reuter, Christian},
year = {2023},
keywords = {Student, Security, UsableSec, Projekt-CYWARN, Projekt-ATHENE-SecUrban, Ranking-ImpactFactor, Ranking-CORE-B},
}
[BibTeX] [Abstract] [Download PDF]
Neben positiven Aspekten wie der Produktivitätssteigerung bringt die Digitalisierung auch neue Gefahren mit sich. Entsprechend muss der Prozess gerade in Bereichen von gesellschaftlich enormer Bedeutung kritisch begleitet werden, um eine fundierte Entscheidung bei Auswahl und Entwicklung neuer Technologien zu treffen. Die Vision ist hierbei ein resilientes Smart Farming (RSF), bei dem die Fortschritte der Digitalisierung in der Landwirtschaft genutzt werden, ohne dabei die Ausfallsicherheit der landwirtschaftlichen Primärproduktion und somit die Lebensmittelversorgung der Verbraucher zu gefährden. Dieser Workshop konzentriert sich auf die Bewältigung dieser Forschungsherausforderungen und liefert Beiträge zu verschiedenen Themenbereichen. Dazu gehören (1) ein Hofbox-Ansatz basierend auf etablierten Open-Source Werkzeugen, (2) ein mobiles Assistenzsystem für den Transport von künstlichen Besamungsportionen, (3) die historische Perspektive auf kritische Infrastrukturen in der Region Rhein/Main, und (4) eine Messenger-Applikation zur Notfallkommunikation mittels LoRaWAN-basierten IoT-Setups.
@incollection{kuntke_rsf-lab23_2023,
address = {Bonn},
title = {{RSF}-{Lab}'23: {Konzepte} und {Anwendungen} zur resilienten digitalen {Landwirtschaft}},
isbn = {978-3-88579-731-9},
url = {https://peasec.de/paper/2023/2023_KuntkeEberzEderTrappReuter_KonzepteAnwendungen_GI.pdf},
abstract = {Neben positiven Aspekten wie der Produktivitätssteigerung bringt die Digitalisierung auch neue Gefahren mit sich. Entsprechend muss der Prozess gerade in Bereichen von gesellschaftlich enormer Bedeutung kritisch begleitet werden, um eine fundierte Entscheidung bei Auswahl und Entwicklung neuer Technologien zu treffen. Die Vision ist hierbei ein resilientes Smart Farming (RSF), bei dem die Fortschritte der Digitalisierung in der Landwirtschaft genutzt werden, ohne dabei die Ausfallsicherheit der landwirtschaftlichen Primärproduktion und somit die Lebensmittelversorgung der Verbraucher zu gefährden. Dieser Workshop konzentriert sich auf die Bewältigung dieser Forschungsherausforderungen und liefert Beiträge zu verschiedenen Themenbereichen. Dazu gehören (1) ein Hofbox-Ansatz basierend auf etablierten Open-Source Werkzeugen, (2) ein mobiles Assistenzsystem für den Transport von künstlichen Besamungsportionen, (3) die historische Perspektive auf kritische Infrastrukturen in der Region Rhein/Main, und (4) eine Messenger-Applikation zur Notfallkommunikation mittels LoRaWAN-basierten IoT-Setups.},
booktitle = {{INFORMATIK} 2023 - {Designing} {Futures}: {Zukünfte} gestalten},
publisher = {Gesellschaft für Informatik e. V.},
author = {Kuntke, Franz and Eberz-Eder, Daniel and Trapp, Matthias and Reuter, Christian},
year = {2023},
doi = {10.18420/inf2023_156},
keywords = {Projekt-AgriRegio, RSF, Security},
pages = {1529--1533},
}
[BibTeX] [Abstract] [Download PDF]
Since communications infrastructure is subject to many impacts, e.g., destructive natural events, they can potentially collapse at any time. Especially in rural areas, the recovery of public network infrastructure can take some time, so a dedicated communication channel would be advantageous. We explore the possibility of transforming commodity LoRaWAN gateways into meshed network nodes for a digital emergency communication channel. In order to obtain the required parameters, we collected farm locations in Germany with OpenStreetMap. Based on the assumptions of LoRa communication range and considering our use case requirements, connecting farm communities seems theoretically feasible in many areas of our data set. To further analyze our idea, we ran simulations of two common DTN routing protocols with different scenarios. A proof-of-concept implementation allows smaller messages to be transmitted using real hardware and demonstrates that a decentralized communications infrastructure based on commodity hardware is possible.
@inproceedings{kuntke_rural_2023,
title = {Rural {Communication} in {Outage} {Scenarios}: {Disruption}-{Tolerant} {Networking} via {LoRaWAN} {Setups}},
url = {https://idl.iscram.org/files/kuntke/2023/2581_Kuntke_etal2023.pdf},
abstract = {Since communications infrastructure is subject to many impacts, e.g., destructive natural events, they can potentially collapse at any time. Especially in rural areas, the recovery of public network infrastructure can take some time, so a dedicated communication channel would be advantageous. We explore the possibility of transforming commodity LoRaWAN gateways into meshed network nodes for a digital emergency communication channel. In order to obtain the required parameters, we collected farm locations in Germany with OpenStreetMap. Based on the assumptions of LoRa communication range and considering our use case requirements, connecting farm communities seems theoretically feasible in many areas of our data set. To further analyze our idea, we ran simulations of two common DTN routing protocols with different scenarios. A proof-of-concept implementation allows smaller messages to be transmitted using real hardware and demonstrates that a decentralized communications infrastructure based on commodity hardware is possible.},
booktitle = {Proceedings of {Information} {Systems} for {Crisis} {Response} and {Management} ({ISCRAM})},
author = {Kuntke, Franz and Baumgärtner, Lars and Reuter, Christian},
year = {2023},
keywords = {Projekt-AgriRegio, Projekt-GeoBox, RSF, Security, Crisis, Projekt-emergenCITY, Projekt-MAKI},
pages = {1--13},
}
[BibTeX] [Abstract] [Download PDF]
Low Power Wide Area Network (LPWAN) technologies are typically promoted for Internet-of-Things (IoT) applications, but are also of interest for emergency communications systems when regular fixed and mobile networks break down. Although LoRaWAN is a frequently used representative here, there are sometimes large differences between the proposed range and the results of some practical evaluations. Since previous work has focused on urban environments or has conducted simulations, this work aims to gather concrete knowledge on the transmission characteristics in rural environments. Extensive field studies with varying geographic conditions and comparative tests in urban environments were performed using two different hardware implementations. Overall, it was found that the collected values in rural areas are significantly lower than the theoretical values. Nevertheless, the results certify that LoRaWAN technology has a high range that cannot be achieved with other common technologies for emergency communications.
@inproceedings{kuntke_how_2023,
title = {How {Would} {Emergency} {Communication} {Based} on {LoRaWAN} {Perform}? {Empirical} {Findings} of {Signal} {Propagation} in {Rural} {Areas}},
url = {https://idl.iscram.org/files/kuntke/2023/2586_Kuntke_etal2023.pdf},
abstract = {Low Power Wide Area Network (LPWAN) technologies are typically promoted for Internet-of-Things (IoT) applications, but are also of interest for emergency communications systems when regular fixed and mobile networks break down. Although LoRaWAN is a frequently used representative here, there are sometimes large differences between the proposed range and the results of some practical evaluations. Since previous work has focused on urban environments or has conducted simulations, this work aims to gather concrete knowledge on the transmission characteristics in rural environments. Extensive field studies with varying geographic conditions and comparative tests in urban environments were performed using two different hardware implementations. Overall, it was found that the collected values in rural areas are significantly lower than the theoretical values. Nevertheless, the results certify that LoRaWAN technology has a high range that cannot be achieved with other common technologies for emergency communications.},
booktitle = {Proceedings of {Information} {Systems} for {Crisis} {Response} and {Management} ({ISCRAM})},
author = {Kuntke, Franz and Bektas, Merve and Buhleier, Laura and Pohl, Ella and Schiller, Rebekka and Reuter, Christian},
year = {2023},
keywords = {Student, Projekt-AgriRegio, Projekt-GeoBox, RSF, Crisis},
pages = {1--8},
}
[BibTeX] [Abstract] [Download PDF]
Die vorliegende Arbeit präsentiert die Entwicklung einer Messenger-App mit Schwerpunkt auf Benutzerfreundlichkeit, für die Nutzung mit einem bestehenden LoRaWAN-DTN-Backend. Die App ermöglicht den Austausch von Nachrichten mit anderen Personen über ein vorhandenes Kommunikationssystem auf LoRaWAN-Basis. Das grundlegende Softwaregerüst wurde mithilfe agiler Softwareentwicklungsmethoden als Progressive-Web-App entwickelt und iterativ verbessert. Das Ergebnis ist eine plattformübergreifende App für Desktop-PCs und Android-Smartphones. Die App bietet grundlegende Messenger-Funktionen wie Kontaktverwaltung, Chatverlauf-Speicher und Benachrichtigungen. Zusätzlich enthält die App erweiterte Funktionen wie einen leicht zugänglichen SOS-Button, um Notfallnachrichten schnell absetzen zu können. Ziel der Entwicklung war es, die Gebrauchstauglichkeit gegenüber einem ersten Prototyp zu verbessern. Die App soll effektive Kommunikation zwischen Helfern und Betroffenen ermöglichen, während und nach Krisenereignissen wie beispielsweise der europäischen Flutkatastrophe 2021. In folgenden Arbeiten soll das System unter Nutzung dieser App im Einsatz getestet werden.
@incollection{orlov_optimierte_2023,
title = {Optimierte {Messenger}-{Applikation} zur {Notfallkommunikation} via {LoRaWAN}-{DTN}},
url = {https://peasec.de/paper/2023/2023_OrlovKuntkeReuter_OptimierteMessengerApplikation_GI.pdf},
abstract = {Die vorliegende Arbeit präsentiert die Entwicklung einer Messenger-App mit Schwerpunkt auf Benutzerfreundlichkeit, für die Nutzung mit einem bestehenden LoRaWAN-DTN-Backend. Die App ermöglicht den Austausch von Nachrichten mit anderen Personen über ein vorhandenes Kommunikationssystem auf LoRaWAN-Basis. Das grundlegende Softwaregerüst wurde mithilfe agiler Softwareentwicklungsmethoden als Progressive-Web-App entwickelt und iterativ verbessert. Das Ergebnis ist eine plattformübergreifende App für Desktop-PCs und Android-Smartphones. Die App bietet grundlegende Messenger-Funktionen wie Kontaktverwaltung, Chatverlauf-Speicher und Benachrichtigungen. Zusätzlich enthält die App erweiterte Funktionen wie einen leicht zugänglichen SOS-Button, um Notfallnachrichten schnell absetzen zu können. Ziel der Entwicklung war es, die Gebrauchstauglichkeit gegenüber einem ersten Prototyp zu verbessern. Die App soll effektive Kommunikation zwischen Helfern und Betroffenen ermöglichen, während und nach Krisenereignissen wie beispielsweise der europäischen Flutkatastrophe 2021. In folgenden Arbeiten soll das System unter Nutzung dieser App im Einsatz getestet werden.},
booktitle = {{INFORMATIK} 2023 - {Designing} {Futures}: {Zukünfte} gestalten},
publisher = {Gesellschaft für Informatik e. V.},
author = {Orlov, Denis and Kuntke, Franz and Reuter, Christian},
year = {2023},
doi = {10.18420/inf2023_160},
keywords = {Student, Projekt-AgriRegio, RSF, Crisis},
pages = {1--6},
}
[BibTeX] [Abstract] [Download PDF]
The militarization of cyberspace has been a topic in international fora and scientific debates for several years. However, the development of applicable, and verifiable arms control measures that can effectively reduce the risk of military escalations in cyberspace is still hindered by the characteristics of this domain. The article analyses challenges and obstacles of dual-use, proliferation, constant technological progress, the importance of the private sector, difficulties in defining and verifying weapons and difficulties in attributing attacks.
@article{reinhold_challenges_2023,
title = {Challenges for {Cyber} {Arms} {Control}: {A} {Qualitative} {Expert} {Interview} {Study}},
volume = {16},
issn = {1866-2196},
url = {https://doi.org/10.1007/s12399-023-00960-w},
doi = {10.1007/s12399-023-00960-w},
abstract = {The militarization of cyberspace has been a topic in international fora and scientific debates for several years. However, the development of applicable, and verifiable arms control measures that can effectively reduce the risk of military escalations in cyberspace is still hindered by the characteristics of this domain. The article analyses challenges and obstacles of dual-use, proliferation, constant technological progress, the importance of the private sector, difficulties in defining and verifying weapons and difficulties in attributing attacks.},
number = {3},
journal = {Zeitschrift für Außen- und Sicherheitspolitik (ZfAS)},
author = {Reinhold, Thomas and Pleil, Helene and Reuter, Christian},
month = aug,
year = {2023},
keywords = {Peace, Security, Projekt-ATHENE-SecUrban, Projekt-CROSSING},
pages = {289--310},
}
[BibTeX] [Abstract] [Download PDF]
While cyberspace has evolved into a commonly shared space vital to our individual lives and societies, malicious cyber activities by state actors as part of espionage operations, regarding defense strategies, or as part of traditional conflicts have strongly increased. In contrast, attributing the origin of such activities remains problematic. The ambiguity of digital data raises the problem of misinterpreting available information, increasing the risk of misinformed reactions and conflict escalation. In order to reduce this risk, this paper proposes a transparency system based on technologies which usually already exist for IT security measures that an accused actor in a specific incident can use to provide credible information which plausibly assures his non-involvement. The paper analyses the technical requirements, presents the technical concept and discusses the necessary adjustments to existing IT networks for its implementation. Intended as a measure for conflict de-escalation, the paper further discusses the limitations of this approach, especially with regard to technical limits as well as the political motivation and behavior of states.
@article{reinhold_preventing_2023,
title = {Preventing the escalation of cyber conflicts: towards an approach to plausibly assure the non-involvement in a cyberattack},
volume = {12},
issn = {2524-6976},
url = {https://doi.org/10.1007/s42597-023-00099-7},
doi = {10.1007/s42597-023-00099-7},
abstract = {While cyberspace has evolved into a commonly shared space vital to our individual lives and societies, malicious cyber activities by state actors as part of espionage operations, regarding defense strategies, or as part of traditional conflicts have strongly increased. In contrast, attributing the origin of such activities remains problematic. The ambiguity of digital data raises the problem of misinterpreting available information, increasing the risk of misinformed reactions and conflict escalation. In order to reduce this risk, this paper proposes a transparency system based on technologies which usually already exist for IT security measures that an accused actor in a specific incident can use to provide credible information which plausibly assures his non-involvement. The paper analyses the technical requirements, presents the technical concept and discusses the necessary adjustments to existing IT networks for its implementation. Intended as a measure for conflict de-escalation, the paper further discusses the limitations of this approach, especially with regard to technical limits as well as the political motivation and behavior of states.},
number = {1},
journal = {Zeitschrift für Friedens- und Konfliktforschung (ZeFKo)},
author = {Reinhold, Thomas and Reuter, Christian},
month = apr,
year = {2023},
keywords = {Peace, Security, Projekt-ATHENE-SecUrban, Projekt-CROSSING},
pages = {31--58},
}
[BibTeX] [Abstract] [Download PDF]
Cyberspace is a fragile construct threatened by malicious cyber operations of different actors, with vulnerabilities in IT hardware and software forming the basis for such activities, thus also posing a threat to global IT security. Advancements in the field of artificial intelligence accelerate this development, either with artificial intelligence enabled cyber weapons, automated cyber defense measures, or artificial intelligence-based threat and vulnerability detection. Especially state actors, with their long-term strategic security interests, often stockpile such knowledge of vulnerabilities and exploits to enable their military or intelligence service cyberspace operations. While treaties and regulations to limit these developments and to enhance global IT security by disclosing vulnerabilities are currently being discussed on the international level, these efforts are hindered by state concerns about the disclosure of unique knowledge and about giving up tactical advantages. This leads to a situation where multiple states are likely to stockpile at least some identical exploits, with technical measures to enable a depletion process for these stockpiles that preserve state secrecy interests and consider the special constraints of interacting states as well as the requirements within such environments being non-existent. This paper proposes such a privacy-preserving approach that allows multiple state parties to privately compare their stock of vulnerabilities and exploits to check for items that occur in multiple stockpiles without revealing them so that their disclosure can be considered. We call our system ExTRUST and show that it is scalable and can withstand several attack scenarios. Beyond the intergovernmental setting, ExTRUST can also be used for other zero-trust use cases, such as bug-bounty programs.
@article{reinhold_extrust_2023,
title = {{ExTRUST}: {Reducing} {Exploit} {Stockpiles} {With} a {Privacy}-{Preserving} {Depletion} {Systems} for {Inter}-{State} {Relationships}},
volume = {4},
url = {https://peasec.de/paper/2023/2023_ReinholdKuehnGuentherSchneiderReuter_ExTrust-ehem-BlockED_TTaS.pdf},
doi = {10.1109/TTS.2023.3280356},
abstract = {Cyberspace is a fragile construct threatened by malicious cyber operations of different actors, with vulnerabilities in IT hardware and software forming the basis for such activities, thus also posing a threat to global IT security. Advancements in the field of artificial intelligence accelerate this development, either with artificial intelligence enabled cyber weapons, automated cyber defense measures, or artificial intelligence-based threat and vulnerability detection. Especially state actors, with their long-term strategic security interests, often stockpile such knowledge of vulnerabilities and exploits to enable their military or intelligence service cyberspace operations. While treaties and regulations to limit these developments and to enhance global IT security by disclosing vulnerabilities are currently being discussed on the international level, these efforts are hindered by state concerns about the disclosure of unique knowledge and about giving up tactical advantages. This leads to a situation where multiple states are likely to stockpile at least some identical exploits, with technical measures to enable a depletion process for these stockpiles that preserve state secrecy interests and consider the special constraints of interacting states as well as the requirements within such environments being non-existent. This paper proposes such a privacy-preserving approach that allows multiple state parties to privately compare their stock of vulnerabilities and exploits to check for items that occur in multiple stockpiles without revealing them so that their disclosure can be considered. We call our system ExTRUST and show that it is scalable and can withstand several attack scenarios. Beyond the intergovernmental setting, ExTRUST can also be used for other zero-trust use cases, such as bug-bounty programs.},
number = {2},
journal = {IEEE Transactions on Technology and Society},
author = {Reinhold, Thomas and Kuehn, Philipp and Günther, Daniel and Schneider, Thomas and Reuter, Christian},
year = {2023},
keywords = {Peace, Student, Projekt-ATHENE-SecUrban, Projekt-CROSSING, A-Paper, Selected, Cyberwar, AuswahlPeace, Projekt-GRKPrivacy},
pages = {158--170},
}
[BibTeX] [Abstract] [Download PDF]
Der Überfall Russlands auf die Ukraine und der sich anschließende Krieg haben neben vielen anderen sicherheitspolitischen Gewissheiten auch zum ersten Mal die Rolle des Cyberspace in einem offenen Angriffskrieg demonstriert und bedenkenswerte Entwicklungen offenbart. Ziel dieses Beitrags ist es, die militärischen Aktivitäten im Cyberspace im Rahmen des Krieges Russlands gegen die Ukraine auf der Grundlage der öffentlich verfügbaren Informationen zu analysieren und im Hinblick auf die bis dato gängigen Vorstellungen eines Cyberwars zu bewerten. Darauf aufbauend werden mögliche Schlussfolgerungen betrachtet, zum einen mit Blick auf die zukünftige Bedeutung von Cyberaktivitäten für Russland, hinsichtlich des generellen militärischen Einsatzes von Cyberwirkmitteln und dessen weiterer Entwicklung, und in Bezug auf zukünftige internationale Debatten zur Einhegung von Cyberwars und des schädigenden Einsatzes von Cyberwirkmitteln.
@article{reinhold_zur_2023,
title = {Zur {Debatte} über die {Einhegung} eines {Cyberwars}: {Analyse} militärischer {Cyberaktivitäten} im {Krieg} {Russlands} gegen die {Ukraine}},
issn = {2524-6976},
url = {https://doi.org/10.1007/s42597-023-00094-y},
doi = {10.1007/s42597-023-00094-y},
abstract = {Der Überfall Russlands auf die Ukraine und der sich anschließende Krieg haben neben vielen anderen sicherheitspolitischen Gewissheiten auch zum ersten Mal die Rolle des Cyberspace in einem offenen Angriffskrieg demonstriert und bedenkenswerte Entwicklungen offenbart. Ziel dieses Beitrags ist es, die militärischen Aktivitäten im Cyberspace im Rahmen des Krieges Russlands gegen die Ukraine auf der Grundlage der öffentlich verfügbaren Informationen zu analysieren und im Hinblick auf die bis dato gängigen Vorstellungen eines Cyberwars zu bewerten. Darauf aufbauend werden mögliche Schlussfolgerungen betrachtet, zum einen mit Blick auf die zukünftige Bedeutung von Cyberaktivitäten für Russland, hinsichtlich des generellen militärischen Einsatzes von Cyberwirkmitteln und dessen weiterer Entwicklung, und in Bezug auf zukünftige internationale Debatten zur Einhegung von Cyberwars und des schädigenden Einsatzes von Cyberwirkmitteln.},
journal = {Zeitschrift für Friedens- und Konfliktforschung (ZeFKo)},
author = {Reinhold, Thomas and Reuter, Christian},
month = mar,
year = {2023},
keywords = {Peace, Projekt-TraCe, Security, Projekt-ATHENE-SecUrban},
}
[BibTeX] [Abstract] [Download PDF]
In summary, crisis informatics has established itself as an important research area in the ever-increasing complexity of the cyber world. Its importance is further amplified by the time-critical constraints of emergencies and disasters. However, crisis informatics will be challenged to evolve quickly to tackle global-scale emergencies, such as the ongoing COVID-19 pandemic and the increasing risks of natural hazards due to climate change. This chapter seeks to supplement this effort by analyzing interaction, role, information, and perception patterns, which were prevalent in the past 20 years of social media use in crises.
@incollection{reuter_crisis_2023,
title = {Crisis {Informatics}},
isbn = {978-1-00-905708-0},
url = {https://peasec.de/paper/2023/2023_ReuterKaufhold_CrisisInformatics_CambridgeHandbookCyber.pdf},
abstract = {In summary, crisis informatics has established itself as an important research area in the ever-increasing complexity of the cyber world. Its importance is further amplified by the time-critical constraints of emergencies and disasters. However, crisis informatics will be challenged to evolve quickly to tackle global-scale emergencies, such as the ongoing COVID-19 pandemic and the increasing risks of natural hazards due to climate change. This chapter seeks to supplement this effort by analyzing interaction, role, information, and perception patterns, which were prevalent in the past 20 years of social media use in crises.},
booktitle = {Cambridge {Handbook} of {Cyber} {Behavior}},
publisher = {Cambridge University Press},
author = {Reuter, Christian and Kaufhold, Marc-André},
editor = {Yan, Zheng},
year = {2023},
keywords = {Peace, Crisis, HCI, Projekt-ATHENE-FANCY, Projekt-CYWARN, Projekt-emergenCITY},
}
[BibTeX] [Abstract] [Download PDF]
The conference Science · Peace · Security ’23 took place from September 20 to 22, 2023, at the Georg-Christoph-Lichtenberg-Haus of the Technical University of Darmstadt. It focused on the transformation of technologies, their role in wars and conflicts, and issues related to arms control. The three-day scientific conference welcomed over 110 participants from Germany and speakers from the United Kingdom, Sweden, the USA, Colombia, India, Italy, Switzerland, Norway, the Czech Republic, Iraq, Austria, and the Netherlands. More than 50 different organizations were represented, ensuring interdisciplinary exchange. The program covered a wide range of topics reflecting societal discourses in light of a changing global security landscape. In total, the conference featured 40 presentations, workshops, discussions, and panels that discussed current and future challenges in the field of technical peace and conflict research. Particularly relevant topics included: Artificial Intelligence, Unmanned Weapons Systems, Rocket and Space Technologies (Nuclear) Arms Control, Regulation of Biological and Chemical Weapons, Information Technologies for Surveillance and Oppression of Civilians, (Civilian) Critical Infrastructures, Digital Peacebuilding, Human-Machine Interaction, Dual-Used, Cyber Attacks and Relevant Technology and Security Policies.
@incollection{reuter_science_2023,
address = {Darmstadt, Germany},
title = {Science {Peace} {Security} ’23: {Editorial} of the {Proceedings} of the {Interdisciplinary} {Conference} on {Technical} {Peace} and {Security} {Research}},
url = {https://tuprints.ulb.tu-darmstadt.de/id/eprint/24777},
abstract = {The conference Science · Peace · Security '23 took place from September 20 to 22, 2023, at the Georg-Christoph-Lichtenberg-Haus of the Technical University of Darmstadt. It focused on the transformation of technologies, their role in wars and conflicts, and issues related to arms control. The three-day scientific conference welcomed over 110 participants from Germany and speakers from the United Kingdom, Sweden, the USA, Colombia, India, Italy, Switzerland, Norway, the Czech Republic, Iraq, Austria, and the Netherlands. More than 50 different organizations were represented, ensuring interdisciplinary exchange. The program covered a wide range of topics reflecting societal discourses in light of a changing global security landscape. In total, the conference featured 40 presentations, workshops, discussions, and panels that discussed current and future challenges in the field of technical peace and conflict research. Particularly relevant topics included: Artificial Intelligence, Unmanned Weapons Systems, Rocket and Space Technologies (Nuclear) Arms Control, Regulation of Biological and Chemical Weapons, Information Technologies for Surveillance and Oppression of Civilians, (Civilian) Critical Infrastructures, Digital Peacebuilding, Human-Machine Interaction, Dual-Used, Cyber Attacks and Relevant Technology and Security Policies.},
booktitle = {Science {Peace} {Security} ’23: {Proceedings} of the {Interdisciplinary} {Conference} on {Technical} {Peace} and {Security} {Research}},
publisher = {TUprints},
author = {Reuter, Christian and Riebe, Thea and Guntrum, Laura},
editor = {Reuter, Christian and Riebe, Thea and Guntrum, Laura},
year = {2023},
doi = {10.26083/tuprints-00024777},
keywords = {Peace, Projekt-TraCe, Security, Projekt-CROSSING},
pages = {9--13},
}
[BibTeX] [Abstract] [Download PDF]
The conference Science · Peace · Security ’23 took place from September 20 to 22, 2023, at the Georg-Christoph-Lichtenberg-Haus of the Technical University of Darmstadt. It focused on the transformation of technologies, their role in wars and conflicts, and issues related to arms control. The three-day scientific conference welcomed over 110 participants from Germany and speakers from the United Kingdom, Sweden, the USA, Colombia, India, Italy, Switzerland, Norway, the Czech Republic, Iraq, Austria, and the Netherlands. More than 50 different organizations were represented, ensuring interdisciplinary exchange. The program covered a wide range of topics reflecting societal discourses in light of a changing global security landscape. In total, the conference featured 40 presentations, workshops, discussions, and panels that discussed current and future challenges in the field of technical peace and conflict research. Particularly relevant topics included: Artificial Intelligence, Unmanned Weapons Systems, Rocket and Space Technologies (Nuclear) Arms Control, Regulation of Biological and Chemical Weapons, Information Technologies for Surveillance and Oppression of Civilians, (Civilian) Critical Infrastructures, Digital Peacebuilding, Human-Machine Interaction, Dual-Used, Cyber Attacks and Relevant Technology and Security Policies.
@book{reuter_science_2023-1,
address = {Darmstadt, Germany},
title = {Science {Peace} {Security} ‘23 - {Proceedings} of the {Interdisciplinary} {Conference} on {Technical} {Peace} and {Security} {Research}},
url = {https://tuprints.ulb.tu-darmstadt.de/id/eprint/24777},
abstract = {The conference Science · Peace · Security '23 took place from September 20 to 22, 2023, at the Georg-Christoph-Lichtenberg-Haus of the Technical University of Darmstadt. It focused on the transformation of technologies, their role in wars and conflicts, and issues related to arms control. The three-day scientific conference welcomed over 110 participants from Germany and speakers from the United Kingdom, Sweden, the USA, Colombia, India, Italy, Switzerland, Norway, the Czech Republic, Iraq, Austria, and the Netherlands. More than 50 different organizations were represented, ensuring interdisciplinary exchange. The program covered a wide range of topics reflecting societal discourses in light of a changing global security landscape. In total, the conference featured 40 presentations, workshops, discussions, and panels that discussed current and future challenges in the field of technical peace and conflict research. Particularly relevant topics included: Artificial Intelligence, Unmanned Weapons Systems, Rocket and Space Technologies (Nuclear) Arms Control, Regulation of Biological and Chemical Weapons, Information Technologies for Surveillance and Oppression of Civilians, (Civilian) Critical Infrastructures, Digital Peacebuilding, Human-Machine Interaction, Dual-Used, Cyber Attacks and Relevant Technology and Security Policies.},
publisher = {TUprints},
author = {Reuter, Christian and Riebe, Thea and Guntrum, Laura},
year = {2023},
doi = {10.26083/tuprints-00024777},
keywords = {Peace, Projekt-TraCe, Security, Projekt-CROSSING},
}
[BibTeX] [Abstract] [Download PDF]
The value of social media in crises, disasters, and emergencies across different events, participants, and states is now well-examined in crisis informatics research. Previous research has contributed to the state of the art with empirical insights on the use of social media, approaches for the gathering and processing of big social data, the design and evaluation of information systems, and the analysis of cumulative and longitudinal data. While some studies examined social media use representatively for their target audience, these usually only comprise a single point of inquiry and do not allow for a trend analysis. This work provides results (1) of a representative survey with German citizens from 2021 on use patterns, perceptions, and expectations regarding social media during emergencies. Furthermore, it (2) compares these results to previous surveys and provides insights on temporal changes and trends from 2017, over 2019 to 2021. Our findings highlight that social media use in emergencies increased in 2021 and 2019 compared to 2017. Between 2019 and 2021, the amount of information shared on social media remained on a similar level, while the perceived disadvantages of social media in emergencies significantly increased. In light of demographic variables, the results of the 2021 survey confirm previous findings, according to which older individuals (45+ years) use social media in emergencies less often than younger individuals (18-24 years). Furthermore, while the quicker availability of information was one of the reasons for social media use, especially the potential information overload was a key factor for not using social media in emergencies. The results are discussed in light of the dynamic nature of attitudes regarding social media in emergencies and the need to account for heterogeneity in user expectations to build trustworthy information ecosystems in social media.
@article{reuter_increasing_2023,
title = {Increasing {Adoption} {Despite} {Perceived} {Limitations} of {Social} {Media} in {Emergencies}: {Representative} {Insights} on {German} {Citizens}’ {Perception} and {Trends} from 2017 to 2021},
volume = {96},
issn = {2212-4209},
url = {https://peasec.de/paper/2023/2023_ReuterKaufholdBiselliPleil_SocialMediaEmergenciesSurvey_IJDRR.pdf},
doi = {https://doi.org/10.1016/j.ijdrr.2023.103880},
abstract = {The value of social media in crises, disasters, and emergencies across different events, participants, and states is now well-examined in crisis informatics research. Previous research has contributed to the state of the art with empirical insights on the use of social media, approaches for the gathering and processing of big social data, the design and evaluation of information systems, and the analysis of cumulative and longitudinal data. While some studies examined social media use representatively for their target audience, these usually only comprise a single point of inquiry and do not allow for a trend analysis. This work provides results (1) of a representative survey with German citizens from 2021 on use patterns, perceptions, and expectations regarding social media during emergencies. Furthermore, it (2) compares these results to previous surveys and provides insights on temporal changes and trends from 2017, over 2019 to 2021. Our findings highlight that social media use in emergencies increased in 2021 and 2019 compared to 2017. Between 2019 and 2021, the amount of information shared on social media remained on a similar level, while the perceived disadvantages of social media in emergencies significantly increased. In light of demographic variables, the results of the 2021 survey confirm previous findings, according to which older individuals (45+ years) use social media in emergencies less often than younger individuals (18-24 years). Furthermore, while the quicker availability of information was one of the reasons for social media use, especially the potential information overload was a key factor for not using social media in emergencies. The results are discussed in light of the dynamic nature of attitudes regarding social media in emergencies and the need to account for heterogeneity in user expectations to build trustworthy information ecosystems in social media.},
journal = {International Journal of Disaster Risk Reduction (IJDRR)},
author = {Reuter, Christian and Kaufhold, Marc-André and Biselli, Tom and Pleil, Helene},
year = {2023},
keywords = {Student, Crisis, Projekt-emergenCITY, Projekt-CYLENCE, A-Paper, AuswahlCrisis, Projekt-NEBULA, Ranking-ImpactFactor, SocialMedia},
}
[BibTeX] [Abstract] [Download PDF]
The use of Open Source Intelligence (OSINT) to monitor and detect cybersecurity threats is gaining popularity among Cybersecurity Emergency or Incident Response Teams (CERTs/CSIRTs). They increasingly use semi-automated OSINT approaches when monitoring cyber threats for public infrastructure services and incident response. Most of the systems use publicly available data, often focusing on social media due to timely data for situational assessment. As indirect and affected stakeholders, the acceptance of OSINT systems by users, as well as the conditions which influence the acceptance, are relevant for the development of OSINT systems for cybersecurity. Therefore, as part of the ethical and social technology assessment, we conducted a survey (N=1,093), in which we asked participants about their acceptance of OSINT systems, their perceived need for open source surveillance, as well as their privacy behavior and concerns. Further, we tested if the awareness of OSINT is an interactive factor that affects other factors. Our results indicate that cyber threat perception and the perceived need for OSINT are positively related to acceptance, while privacy concerns are negatively related. The awareness of OSINT, however, has only shown effects on people with higher privacy concerns. Here, particularly high OSINT awareness and limited privacy concerns were associated with higher OSINT acceptance. Lastly, we provide implications for further research and the use of OSINT systems for cybersecurity by authorities. As OSINT is a framework rather than a single technology, approaches can be selected and combined to adhere to data minimization and anonymization as well as to leverage improvements in privacy-preserving computation and machine learning innovations. Regarding the use of OSINT, the results suggest to favor approaches that provide transparency to users regarding the use of the systems and the data they gather.
@article{riebe_privacy_2023,
title = {Privacy {Concerns} and {Acceptance} {Factors} of {OSINT} for {Cybersecurity}: {A} {Representative} {Survey}},
url = {https://petsymposium.org/popets/2023/popets-2023-0028.pdf},
doi = {https://doi.org/10.56553/popets-2023-0028},
abstract = {The use of Open Source Intelligence (OSINT) to monitor and detect cybersecurity threats is gaining popularity among Cybersecurity Emergency or Incident Response Teams (CERTs/CSIRTs). They increasingly use semi-automated OSINT approaches when monitoring cyber threats for public infrastructure services and incident response. Most of the systems use publicly available data, often focusing on social media due to timely data for situational assessment. As indirect and affected stakeholders, the acceptance of OSINT systems by users, as well as the conditions which influence the acceptance, are relevant for the development of OSINT systems for cybersecurity. Therefore, as part of the ethical and social technology assessment, we conducted a survey (N=1,093), in which we asked participants about their acceptance of OSINT systems, their perceived need for open source surveillance, as well as their privacy behavior and concerns. Further, we tested if the awareness of OSINT is an interactive factor that affects other factors. Our results indicate that cyber threat perception and the perceived need for OSINT are positively related to acceptance, while privacy concerns are negatively related. The awareness of OSINT, however, has only shown effects on people with higher privacy concerns. Here, particularly high OSINT awareness and limited privacy concerns were associated with higher OSINT acceptance. Lastly, we provide implications for further research and the use of OSINT systems for cybersecurity by authorities. As OSINT is a framework rather than a single technology, approaches can be selected and combined to adhere to data minimization and anonymization as well as to leverage improvements in privacy-preserving computation and machine learning innovations. Regarding the use of OSINT, the results suggest to favor approaches that provide transparency to users regarding the use of the systems and the data they gather.},
number = {1},
journal = {Proceedings on Privacy Enhancing Technologies (PoPETs)},
author = {Riebe, Thea and Biselli, Tom and Kaufhold, Marc-André and Reuter, Christian},
year = {2023},
keywords = {Security, UsableSec, HCI, Projekt-ATHENE-FANCY, Projekt-CYWARN, A-Paper, AuswahlUsableSec, Ranking-CORE-A},
pages = {477--493},
}
[BibTeX] [Abstract] [Download PDF]
The negotiation of stakeholder values as a collaborative process throughout technology development has been studied extensively within the fields of Computer Supported Cooperative Work and Human-Computer Interaction. Despite their increasing significance for cybersecurity incident response, there is a gap in research on values of importance to the design of open-source intelligence (OSINT) technologies for this purpose. In this paper, we investigate which values and value conflicts emerge due to the application and development of machine learning (ML) based OSINT technologies to assist cyber security incident response operators. For this purpose, we employ a triangulation of methods, consisting of a systematic survey of the technical literature on the development of OSINT artefacts for cybersecurity (N = 73) and an empirical value sensitive design case study, comprising semi-structured interviews with stakeholders (N = 9) as well as a focus group (N = 7) with developers. Based on our results, we identify implications relevant to the research on and design of OSINT artefacts for cybersecurity incident response.
@article{riebe_values_2023,
title = {Values and {Value} {Conflicts} in the {Context} of {OSINT} {Technologies} for {Cybersecurity} {Incident} {Response}: {A} {Value} {Sensitive} {Design} {Perspective}},
url = {https://link.springer.com/article/10.1007/s10606-022-09453-4},
doi = {10.1007/s10606-022-09453-4},
abstract = {The negotiation of stakeholder values as a collaborative process throughout technology development has been studied extensively within the fields of Computer Supported Cooperative Work and Human-Computer Interaction. Despite their increasing significance for cybersecurity incident response, there is a gap in research on values of importance to the design of open-source intelligence (OSINT) technologies for this purpose. In this paper, we investigate which values and value conflicts emerge due to the application and development of machine learning (ML) based OSINT technologies to assist cyber security incident response operators. For this purpose, we employ a triangulation of methods, consisting of a systematic survey of the technical literature on the development of OSINT artefacts for cybersecurity (N = 73) and an empirical value sensitive design case study, comprising semi-structured interviews with stakeholders (N = 9) as well as a focus group (N = 7) with developers. Based on our results, we identify implications relevant to the research on and design of OSINT artefacts for cybersecurity incident response.},
journal = {Computer Supported Cooperative Work: The Journal of Collaborative Computing (JCSCW)},
author = {Riebe, Thea and Bäumler, Julian and Kaufhold, Marc-André and Reuter, Christian},
year = {2023},
keywords = {Student, Security, UsableSec, HCI, Projekt-CYWARN, Projekt-ATHENE-SecUrban, Projekt-CROSSING, A-Paper, Ranking-ImpactFactor, Ranking-CORE-B},
}
[BibTeX] [Abstract] [Download PDF]
Like past crises, the COVID-19 pandemic has also activated individual volunteers to help to respond to the crisis. This includes digital volunteers, who have organized physical aid and conducted activities on social media. Analyzing German volunteering support groups on Facebook and related Reddit threads in the context of the COVID-19 pandemic, we {\textbackslash}updatedshow what type of help is offered and how social media users interact with each other, trying to cope with the situation. We reveal that most users offering help online conduct mostly typical care work, such as buying groceries or giving advice. Crucially, volunteering is characterized by relationships of care and thus builds on affirmative interactions. Albeit some misdirected offers and regressive interruptions, people use the possibility to make their voices heard and, showing empathy, help each other to cope with crisis. Social media like Facebook mediate societal structures, including relationships of care, offering a space for continuous, cumulatively resilient conduct of care work. Reflecting on the traditional division of labor in crisis volunteering and counter-productive dynamics of care and empathy, we aim for feminist ethics of care which allows for interactions on social media that foster generative computer-supported collaboration.
@article{schmid_digital_2023,
title = {Digital {Volunteers} {During} the {COVID}-19 {Pandemic}: {Care} {Work} on {Social} {Media} for {Socio}-technical {Resilience}},
volume = {3},
issn = {2748-5625},
url = {https://ojs.weizenbaum-institut.de/index.php/wjds/article/view/78},
doi = {10.34669/WI.WJDS/3.3.6},
abstract = {Like past crises, the COVID-19 pandemic has also activated individual volunteers to help to respond to the crisis. This includes digital volunteers, who have organized physical aid and conducted activities on social media. Analyzing German volunteering support groups on Facebook and related Reddit threads in the context of the COVID-19 pandemic, we {\textbackslash}updatedshow what type of help is offered and how social media users interact with each other, trying to cope with the situation. We reveal that most users offering help online conduct mostly typical care work, such as buying groceries or giving advice. Crucially, volunteering is characterized by relationships of care and thus builds on affirmative interactions. Albeit some misdirected offers and regressive interruptions, people use the possibility to make their voices heard and, showing empathy, help each other to cope with crisis. Social media like Facebook mediate societal structures, including relationships of care, offering a space for continuous, cumulatively resilient conduct of care work. Reflecting on the traditional division of labor in crisis volunteering and counter-productive dynamics of care and empathy, we aim for feminist ethics of care which allows for interactions on social media that foster generative computer-supported collaboration.},
number = {1},
journal = {Weizenbaum Journal of the Digital Society},
author = {Schmid, Stefka and Guntrum, Laura and Haesler, Steffen and Schultheiß, Lisa and Reuter, Christian},
month = may,
year = {2023},
keywords = {Peace, Projekt-TraCe, Student, Crisis, HCI, Projekt-emergenCITY, Projekt-ATHENE-SecUrban, SocialMedia},
}
[BibTeX] [Abstract] [Download PDF]
When considering privacy, context, and environmental circumstances can have a strong influence on individual decisions and user behavior. Especially in crises or threatening situations, privacy may conflict with other values, such as personal safety and health. In other cases, personal or public safety can also be dependent on privacy: the context of flight shows how, for those affected, the value of data protection can increase as a result of an increased threat situation. Thus, when individual sovereignty—the autonomous development of one’s own will—or safety is highly dependent on information flows, people tend to be more protective of their privacy in order to maintain their information sovereignty. But also, the context of agriculture, as part of the critical infrastructure, shows how privacy concerns can affect the adoption of digital tools. With these two examples, flight and migration as well as agriculture, this chapter presents some exemplary results that illustrate the importance of the influence of situational factors on perceived information sovereignty and the evaluation of privacy.
@incollection{steinbrink_privacy_2023,
address = {Cham},
title = {Privacy {Perception} and {Behaviour} in {Safety}-{Critical} {Environments}},
isbn = {978-3-031-28643-8},
url = {https://doi.org/10.1007/978-3-031-28643-8_12},
abstract = {When considering privacy, context, and environmental circumstances can have a strong influence on individual decisions and user behavior. Especially in crises or threatening situations, privacy may conflict with other values, such as personal safety and health. In other cases, personal or public safety can also be dependent on privacy: the context of flight shows how, for those affected, the value of data protection can increase as a result of an increased threat situation. Thus, when individual sovereignty—the autonomous development of one’s own will—or safety is highly dependent on information flows, people tend to be more protective of their privacy in order to maintain their information sovereignty. But also, the context of agriculture, as part of the critical infrastructure, shows how privacy concerns can affect the adoption of digital tools. With these two examples, flight and migration as well as agriculture, this chapter presents some exemplary results that illustrate the importance of the influence of situational factors on perceived information sovereignty and the evaluation of privacy.},
booktitle = {Human {Factors} in {Privacy} {Research}},
publisher = {Springer International Publishing},
author = {Steinbrink, Enno and Biselli, Tom and Linsner, Sebastian and Herbert, Franziska and Reuter, Christian},
editor = {Gerber, Nina and Stöver, Alina and Marky, Karola},
year = {2023},
keywords = {Security, UsableSec, HCI, Projekt-ATHENE-FANCY, Projekt-CROSSING, Projekt-GRKPrivacy},
pages = {237--251},
}
[BibTeX] [Abstract] [Download PDF]
From the perspective of end-users, IoT devices behave like a black box: As long as they work as intended, users will not detect any compromise. Users have minimal control over the software. Hence, it is very likely that the user misses that illegal recordings and transmissions occur if a security camera or a smart speaker is hacked. In this paper, we present SCAtt-man, the first remote attestation scheme that is specifically designed with the user in mind. SCAtt-man deploys software-based attestation to check the integrity of remote devices, allowing users to verify the integrity of IoT devices with their smartphones. The key novelty of SCAtt-man resides in the utilization of user-observable side-channels such as light or sound in the attestation protocol. Our proof-of-concept implementation targets a smart speaker and an attestation protocol that is based on a data-over-sound protocol. Our evaluation demonstrates the effectiveness of toolname against a variety of attacks and its usability based on a user study with 20 participants.
@inproceedings{surminski_scatt-man_2023,
address = {New York, NY, USA},
series = {{CODASPY} '23},
title = {{SCAtt}-man: {Side}-{Channel}-{Based} {Remote} {Attestation} for {Embedded} {Devices} that {Users} {Understand}},
isbn = {9798400700675},
url = {https://doi.org/10.1145/3577923.3583652},
doi = {10.1145/3577923.3583652},
abstract = {From the perspective of end-users, IoT devices behave like a black box: As long as they work as intended, users will not detect any compromise. Users have minimal control over the software. Hence, it is very likely that the user misses that illegal recordings and transmissions occur if a security camera or a smart speaker is hacked. In this paper, we present SCAtt-man, the first remote attestation scheme that is specifically designed with the user in mind. SCAtt-man deploys software-based attestation to check the integrity of remote devices, allowing users to verify the integrity of IoT devices with their smartphones. The key novelty of SCAtt-man resides in the utilization of user-observable side-channels such as light or sound in the attestation protocol. Our proof-of-concept implementation targets a smart speaker and an attestation protocol that is based on a data-over-sound protocol. Our evaluation demonstrates the effectiveness of toolname against a variety of attacks and its usability based on a user study with 20 participants.},
booktitle = {Proceedings of the {Thirteenth} {ACM} {Conference} on {Data} and {Application} {Security} and {Privacy}},
publisher = {Association for Computing Machinery},
author = {Surminski, Sebastian and Niesler, Christian and Linsner, Sebastian and Davi, Lucas and Reuter, Christian},
year = {2023},
keywords = {Security, UsableSec, HCI, Projekt-CROSSING, Ranking-CORE-B},
pages = {225--236},
}
[BibTeX] [Abstract] [Download PDF]
Im Forschungsprojekt “ Das Netz hat Geschichte: Netzwerk- und Vulnerabilitätsanalyse Kritischer Infrastrukturen am Beispiel IKT und Verkehr in Rhein/Main”“ wird das historische Wachstum von IKT- und Schieneninfrastrukturnetzen, sowie daraus erwachsene Konsequenzen für deren Vulnerabilitäten am Beispiel der Rhein-Main-Region interdisziplinär untersucht. Beide Infrastrukturnetze entstanden über Jahrzehnte hinweg und sind das Ergebnis verschiedener Interessen und technischer Entwicklungen aus unterschiedlichen Zeitschichten. Dies beeinflusst die Widerstandsfähigkeit der Netze und birgt potenzielle Risiken. Anhand von ca. 20 Expert:inneninterviews soll das Wissen von Praktiker:innen über das Alter, die Ausbreitung, technische Neuerungen und deren Auswirkungen analysiert werden. Die Forschung basiert auf dem Zeitschichtenmodell von Koselleck, das es ermöglicht, die verschiedenen zeitlichen Ebenen der Infrastrukturentwicklung zu analysieren. Die Ergebnisse der semi-strukturierten Interviewstudie zum impliziten Wissen der Befragten werden genutzt, um Hypothesen zu generieren, die später mittels Archivstudien und Netzwerkanalysen überprüft werden. Die gewonnenen Erkenntnisse können zur Stärkung der Resilienz von Infrastrukturen, insbesondere bei Katastrophenszenarien regionalen Ausmaßes, und zukünftigen Investitionsentscheidungen beitragen.
@inproceedings{zivkovic_infrastrukturen_2023,
address = {Leoben},
title = {Infrastrukturen und historisches {Wissen}: {Eine} interdisziplinäre {Analyse} der {Resilienz} von {Schienen}- und {Kabelnetzen}},
isbn = {978-3-900397-11-1},
url = {https://peasec.de/paper/2023/2023_ZivkovicFrankenThiessenEngelsReuter_InfrastrukturenHistorischesWissen_FKF23.pdf},
abstract = {Im Forschungsprojekt " Das Netz hat Geschichte: Netzwerk- und Vulnerabilitätsanalyse Kritischer Infrastrukturen am Beispiel IKT und Verkehr in Rhein/Main”" wird das historische Wachstum von IKT- und Schieneninfrastrukturnetzen, sowie daraus erwachsene Konsequenzen für deren Vulnerabilitäten am Beispiel der Rhein-Main-Region interdisziplinär untersucht. Beide Infrastrukturnetze entstanden über Jahrzehnte hinweg und sind das Ergebnis verschiedener Interessen und technischer Entwicklungen aus unterschiedlichen Zeitschichten. Dies beeinflusst die Widerstandsfähigkeit der Netze und birgt potenzielle Risiken. Anhand von ca. 20 Expert:inneninterviews soll das Wissen von Praktiker:innen über das Alter, die Ausbreitung, technische Neuerungen und deren Auswirkungen analysiert werden. Die Forschung basiert auf dem Zeitschichtenmodell von Koselleck, das es ermöglicht, die verschiedenen zeitlichen Ebenen der Infrastrukturentwicklung zu analysieren. Die Ergebnisse der semi-strukturierten Interviewstudie zum impliziten Wissen der Befragten werden genutzt, um Hypothesen zu generieren, die später mittels Archivstudien und Netzwerkanalysen überprüft werden. Die gewonnenen Erkenntnisse können zur Stärkung der Resilienz von Infrastrukturen, insbesondere bei Katastrophenszenarien regionalen Ausmaßes, und zukünftigen Investitionsentscheidungen beitragen.},
booktitle = {Tagungsband {Fachtagung} {Katastrophenforschung} 2023},
publisher = {Disaster Competence Network Austria},
author = {Zivkovic, Marco and Franken, Jonas and Thiessen, Nadja and Engels, Jens Ivo and Reuter, Christian},
year = {2023},
keywords = {Security, Crisis, Projekt-emergenCITY, Projekt-ATHENE-SecUrban, Infrastructure, Projekt-NetzGeschichte},
}
[BibTeX] [Abstract] [Download PDF]
In this paper we provide an overview of XAI by introducing fundamental terminology and the goals of XAI, as well as recent research findings. Whilst doing this, we pay special attention to strategies for non-expert stakeholders. This leads us to our first research question: “What are the trends in explainable AI strategies for non-experts?”. In order to illustrate the current state of these trends, we further want to study an exemplary and very relevant application domain. According to Abdul et al. (2018), one of the first domains where researchers pursued XAI is the medical domain. This leads to our second research question: “What are the approaches of XAI in the medical domain for non-expert stakeholders?” These research questions will provide an overview of current topics in XAI and show possible research extensions for specific domains.
@incollection{ozalp_trends_2023,
address = {Bielefeld},
title = {Trends in {Explainable} {Artificial} {Intelligence} for {Non}-{Experts}},
url = {https://www.transcript-verlag.de/978-3-8376-5732-6/ai-limits-and-prospects-of-artificial-intelligence/?c=313000019},
abstract = {In this paper we provide an overview of XAI by introducing fundamental terminology and the goals of XAI, as well as recent research findings. Whilst doing this, we pay special attention to strategies for non-expert stakeholders. This leads us to our first research question: “What are the trends in explainable AI strategies for non-experts?”. In order to illustrate the current state of these trends, we further want to study an exemplary and very relevant application domain. According to Abdul et al. (2018), one of the first domains where researchers pursued XAI is the medical domain. This leads to our second research question: “What are the approaches of XAI in the medical domain for non-expert stakeholders?” These research questions will provide an overview of current topics in XAI and show possible research extensions for specific domains.},
booktitle = {{AI} - {Limits} and {Prospects} of {Artificial} {Intelligence}},
publisher = {Transcript Verlag},
author = {Özalp, Elise and Hartwig, Katrin and Reuter, Christian},
editor = {Klimczak, Peter and Petersen, Christer},
year = {2023},
keywords = {Student, UsableSec, HCI, Projekt-CYWARN, Projekt-ATHENE-SecUrban, Projekt-CROSSING},
pages = {223--243},
}
2022
[BibTeX] [Abstract] [Download PDF]
In many cases of machine learning, research suggests that the development of training data might have a higher relevance than the choice and modelling of classifiers themselves. Thus, data augmentation methods have been developed to improve classifiers by artificially created training data. In NLP, there is the challenge of establishing universal rules for text transformations which provide new linguistic patterns. In this paper, we present and evaluate a text generation method suitable to increase the performance of classifiers for long and short texts. We achieved promising improvements when evaluating short as well as long text tasks with the enhancement by our text generation method. Especially with regard to small data analytics, additive accuracy gains of up to 15.53\% and 3.56\% are achieved within a constructed low data regime, compared to the no augmentation baseline and another data augmentation technique. As the current track of these constructed regimes is not universally applicable, we also show major improvements in several real world low data tasks (up to +4.84 F1-score). Since we are evaluating the method from many perspectives (in total 11 datasets), we also observe situations where the method might not be suitable. We discuss implications and patterns for the successful application of our approach on different types of datasets.
@article{bayer_data_2022,
title = {Data {Augmentation} in {Natural} {Language} {Processing}: {A} {Novel} {Text} {Generation} {Approach} for {Long} and {Short} {Text} {Classifiers}},
url = {https://link.springer.com/article/10.1007/s13042-022-01553-3},
doi = {10.1007/s13042-022-01553-3},
abstract = {In many cases of machine learning, research suggests that the development of training data might have a higher relevance than the choice and modelling of classifiers themselves. Thus, data augmentation methods have been developed to improve classifiers by artificially created training data. In NLP, there is the challenge of establishing universal rules for text transformations which provide new linguistic patterns. In this paper, we present and evaluate a text generation method suitable to increase the performance of classifiers for long and short texts. We achieved promising improvements when evaluating short as well as long text tasks with the enhancement by our text generation method. Especially with regard to small data analytics, additive accuracy gains of up to 15.53\% and 3.56\% are achieved within a constructed low data regime, compared to the no augmentation baseline and another data augmentation technique. As the current track of these constructed regimes is not universally applicable, we also show major improvements in several real world low data tasks (up to +4.84 F1-score). Since we are evaluating the method from many perspectives (in total 11 datasets), we also observe situations where the method might not be suitable. We discuss implications and patterns for the successful application of our approach on different types of datasets.},
journal = {International Journal of Machine Learning and Cybernetics (IJMLC)},
author = {Bayer, Markus and Kaufhold, Marc-André and Buchhold, Björn and Keller, Marcel and Dallmeyer, Jörg and Reuter, Christian},
year = {2022},
keywords = {Student, Security, Projekt-CYWARN, Projekt-emergenCITY, A-Paper, Ranking-ImpactFactor},
}
[BibTeX] [Abstract] [Download PDF]
Concise instruments to determine privacy personas – typical privacy-related user groups – are not available at present. Consequently, we aimed to identify them on a privacy knowledge–privacy behavior ratio based on a self-developed instrument. To achieve this, we conducted an item analysis (N = 820) and a confirmatory factor analysis (CFA) (N = 656) of data based on an online study with German participants. Starting with 81 items, we reduced those to an eleven-item questionnaire with the two scales privacy knowledge and privacy behavior. A subsequent cluster analysis (N = 656) revealed three distinct user groups: (1) Fundamentalists scoring high in privacy knowledge and behavior, (2) Pragmatists scoring average in privacy knowledge and behavior and (3) Unconcerned scoring low in privacy knowledge and behavior. In a closer inspection of the questionnaire, the CFAs supported the model with a close global fit based on RMSEA in a training and to a lesser extent in a cross-validation sample. Deficient local fit as well as validity and reliability coefficients well below generally accepted thresholds, however, revealed that the questionnaire in its current form cannot be considered a suitable measurement instrument for determining privacy personas. The results are discussed in terms of related persona conceptualizations, the importance of a methodologically sound investigation of corresponding privacy dimensions and our lessons learned.
@article{biselli_challenges_2022,
title = {On the {Challenges} of {Developing} a {Concise} {Questionnaire} to {Identify} {Privacy} {Personas}},
url = {https://petsymposium.org/2022/files/papers/issue4/popets-2022-0126.pdf},
doi = {10.56553/popets-2022-0126},
abstract = {Concise instruments to determine privacy personas – typical privacy-related user groups – are not available at present. Consequently, we aimed to identify them on a privacy knowledge–privacy behavior ratio based on a self-developed instrument. To achieve this, we conducted an item analysis (N = 820) and a confirmatory factor analysis (CFA) (N = 656) of data based on an online study with German participants. Starting with 81 items, we reduced those to an eleven-item questionnaire with the two scales privacy knowledge and privacy behavior. A subsequent cluster analysis (N = 656) revealed three distinct user groups: (1) Fundamentalists scoring high in privacy knowledge and behavior, (2) Pragmatists scoring average in privacy knowledge and behavior and (3) Unconcerned scoring low in privacy knowledge and behavior. In a closer inspection of the questionnaire, the CFAs supported the model with a close global fit based on RMSEA in a training and to a lesser extent in a cross-validation sample. Deficient local fit as well as validity and reliability coefficients well below generally accepted thresholds, however, revealed that the questionnaire in its current form cannot be considered a suitable measurement instrument for determining privacy personas. The results are discussed in terms of related persona conceptualizations, the importance of a methodologically sound investigation of corresponding privacy dimensions and our lessons learned.},
number = {4},
journal = {Proceedings on Privacy Enhancing Technologies (PoPETs)},
author = {Biselli, Tom and Steinbrink, Enno and Herbert, Franziska and Schmidbauer-Wolf, Gina Maria and Reuter, Christian},
year = {2022},
keywords = {Security, UsableSec, HCI, Projekt-ATHENE-FANCY, Projekt-CROSSING, A-Paper, AuswahlUsableSec, Ranking-CORE-A, Projekt-GRKPrivacy},
pages = {645--669},
}
[BibTeX] [Abstract] [Download PDF]
Die Klimakrise gehört zu den aktuell größten Herausforderungen unserer Zeit. Informations- und Kommunikationstechnologien (IKT) können hierbei eine entscheidende Rolle spielen. Einerseits, da eine Effizienzsteigerung von oder durch IKT zu einer klimafreundlicheren Nutzung beitragen kann, und andererseits, da IKT zu einem erhöhten Ressourcenverbrauch führen kann. Um diese Thematik weiter zu untersuchen, wird in dieser Arbeit eine systematische Literaturrecherche durchgeführt, um Herausforderungen und Potenziale in der Adressierung der Klimakrise durch eine effiziente und nachhaltige Entwicklung des IKT-Sektors zu analysieren. Die dabei untersuchte Literatur beinhaltet Herausforderungen wie zum Beispiel den hohen Energie- und Materialverbrauch der IKT-Geräte und Datenzentren sowie die entstehenden Entsorgungskosten und das Konsumverhalten der Nutzer*innen. Deswegen sollten die Nutzer*innen mehr Informationen zur Wartung, zum Kauf gebrauchter Geräte, und zum Recyceln/Entsorgen erhalten. Die Analyse lieferte aber auch viele Potenziale. Durch IKT können Effizienzsteigerungen in den Bereich Industrie, Landwirtschaft, Verkehr und Transport erreicht und auch umweltschädliche Geräte substituiert werden. Durch diese Potenziale kann es aber, wie in anderen Bereichen, zu einem Rebound-Effekt kommen.
@inproceedings{buhleier_effizienz_2022,
address = {Hamburg, Germany},
title = {Effizienz und {Nachhaltigkeit} durch {Green}-{IT}: ein systematischer {Literaturüberblick} im {Kontext} der {Klimakrise}},
isbn = {978-3-88579-720-3},
url = {https://dl.gi.de/bitstream/handle/20.500.12116/39590/rsflab_06.pdf?sequence=1&isAllowed=y},
doi = {10.18420/inf2022_83},
abstract = {Die Klimakrise gehört zu den aktuell größten Herausforderungen unserer Zeit. Informations- und Kommunikationstechnologien (IKT) können hierbei eine entscheidende Rolle spielen. Einerseits, da eine Effizienzsteigerung von oder durch IKT zu einer klimafreundlicheren Nutzung beitragen kann, und andererseits, da IKT zu einem erhöhten Ressourcenverbrauch führen kann. Um diese Thematik weiter zu untersuchen, wird in dieser Arbeit eine systematische Literaturrecherche durchgeführt, um Herausforderungen und Potenziale in der Adressierung der Klimakrise durch eine effiziente und nachhaltige Entwicklung des IKT-Sektors zu analysieren. Die dabei untersuchte Literatur beinhaltet Herausforderungen wie zum Beispiel den hohen Energie- und Materialverbrauch der IKT-Geräte und Datenzentren sowie die entstehenden Entsorgungskosten und das Konsumverhalten der Nutzer*innen. Deswegen sollten die Nutzer*innen mehr Informationen zur Wartung, zum Kauf gebrauchter Geräte, und zum Recyceln/Entsorgen erhalten. Die Analyse lieferte aber auch viele Potenziale. Durch IKT können Effizienzsteigerungen in den Bereich Industrie, Landwirtschaft, Verkehr und Transport erreicht und auch umweltschädliche Geräte substituiert werden. Durch diese Potenziale kann es aber, wie in anderen Bereichen, zu einem Rebound-Effekt kommen.},
language = {de},
booktitle = {{INFORMATIK} 2022: 52. {Jahrestagung} der {Gesellschaft} für {Informatik} – {Informatik} für {Gesellschaft} ({Workshop}-{Beiträge}), {Lecture} {Notes} in {Informatics} ({LNI})},
publisher = {Gesellschaft für Informatik e. V.},
author = {Buhleier, Laura and Gantner, Patrick and Frey, Tobias and Boers, Michael and Kaufhold, Marc-André and Reuter, Christian},
editor = {Demmler, D. and Krupka, D. and Federrath, H.},
year = {2022},
keywords = {Student, Projekt-AgriRegio, Projekt-GeoBox, Security, Ranking-CORE-C, Ranking-VHB-C},
pages = {995--1012},
}
[BibTeX] [Abstract] [Download PDF]
User Experience ist von zunehmender Relevanz für die Entwicklung digitaler Designentscheidungen und hat somit weitgehende Auswirkungen auf das Nutzerverhalten. Dass dies besonders für die Sicherheit und Vertraulichkeit nicht nur von Vorteil sein kann, sondern Nutzer*innen negativ beeinflussen kann, wird in dieser Arbeit ersichtlich. Betrachtetwerden dafür die Themengebiete Anti-Patterns, Grey Patterns und Dark-Patterns. Anti-Patterns bezeichnen wiederkehrende Lösungen für ein Konzept eines User Interfaces, die trotz guter Intention ungewünschte Nebeneffekte oder Konsequenzen haben. Dark-Patterns dagegen stellen Designentscheidungen dar, die durch Täuschung oder Ausnutzung psychischen Drucks versuchen Nutzer*innen zu Handlungen zu verleiten, von denen die Ersteller*innen des Dark-Patterns mehr profitieren als die Anwender* innen. Der Begriff Grey Patterns wird in dieser Arbeit für alle Design Patterns genutzt, die sich nicht direkt zuordnen lassen. Da es bisher kaum vergleichendeWerke und keinen Konsens zu diesen Themengebieten gibt, ist das Ziel dieser Arbeit ein grundlegendes Modell aufzustellen. Dabei wird durch die Untersuchung bestehender Literatur eine zusammenfassende Taxonomie und ein Vorgehen zur Unterscheidung von Anti-Patterns und Dark-Patterns erarbeitet, die als Grundlage für weitere Arbeiten und zur Entwicklung von Gegenmaßnahmen genutzt werden können.
@inproceedings{buhleier_klassifikation_2022,
address = {Darmstadt},
series = {Mensch und {Computer} 2022 - {Workshopband}},
title = {Eine {Klassifikation} sicherheitskritischer {UX}-{Design}-{Patterns}},
url = {https://dl.gi.de/handle/20.500.12116/39087},
doi = {10.18420/muc2022-mci-ws10-275},
abstract = {User Experience ist von zunehmender Relevanz für die Entwicklung digitaler Designentscheidungen und hat somit weitgehende Auswirkungen auf das Nutzerverhalten. Dass dies besonders für die Sicherheit und Vertraulichkeit nicht nur von Vorteil sein kann, sondern Nutzer*innen negativ beeinflussen kann, wird in dieser Arbeit ersichtlich. Betrachtetwerden dafür die Themengebiete Anti-Patterns, Grey Patterns und Dark-Patterns. Anti-Patterns bezeichnen wiederkehrende Lösungen für ein Konzept eines User Interfaces, die trotz guter Intention ungewünschte Nebeneffekte oder Konsequenzen haben. Dark-Patterns dagegen stellen Designentscheidungen dar, die durch Täuschung oder Ausnutzung psychischen Drucks versuchen Nutzer*innen zu Handlungen zu verleiten, von denen die Ersteller*innen des Dark-Patterns mehr profitieren als die Anwender* innen. Der Begriff Grey Patterns wird in dieser Arbeit für alle Design Patterns genutzt, die sich nicht direkt zuordnen lassen. Da es bisher kaum vergleichendeWerke und keinen Konsens zu diesen Themengebieten gibt, ist das Ziel dieser Arbeit ein grundlegendes Modell aufzustellen. Dabei wird durch die Untersuchung bestehender Literatur eine zusammenfassende Taxonomie und ein Vorgehen zur Unterscheidung von Anti-Patterns und Dark-Patterns erarbeitet, die als Grundlage für weitere Arbeiten und zur Entwicklung von Gegenmaßnahmen genutzt werden können.},
language = {de},
booktitle = {Mensch und {Computer} 2022 - {Workshopband}},
publisher = {Gesellschaft für Informatik},
author = {Buhleier, Laura and Linsner, Sebastian and Steinbrink, Enno and Reuter, Christian},
year = {2022},
keywords = {Student, Security, UsableSec, HCI, Projekt-CROSSING, Projekt-GRKPrivacy},
}
[BibTeX] [Abstract] [Download PDF]
Mit der globalen COVID-19-Pandemie und dem Hochwasser in West- und Mitteleuropa im Sommer 2021 hat unter anderem Deutschland in jüngster Vergangenheit zwei schwerwiegende Krisenszenarien erlebt. Die Auswirkungen auf die Gesellschaft und Wirtschaft sind verheerend. Parallel lassen sich Krisenereignisse im digitalen Raum, wie die Zunahme an Cyberkriminalität beobachten. Es wird zunehmend deutlich, dass die Resilienz analoger sowie digitaler Prozesse wichtiger für die vollständige Betriebsfähigkeit wird. Die vorliegende Arbeit setzt sich mit der Bedeutung des Resilient Smart Farming (RSF) in Krisenzeiten als Möglichkeit für eine nachhaltige, umweltgerechte und resiliente digitale Landwirtschaft auseinander. Dazu wurden u.a. lokale Schadensmeldungen gruppiert und mögliche RSF-Gegenmaßnahmen aufgezeigt. Im Ergebnis zeigt sich eine Bewertung von Konzepten des RSF hinsichtlich der Krisenprävention und -bewältigung anhand aktueller realer Beispiele. Aufgrund zunehmender Bedrohungen durch Naturkatastrophen und Cyberkriminialität gehen wir davon aus, dass die Aufmerksamkeit von Gesellschaft und Politik für die Resilienz der Primärproduktion weiter steigen wird.
@inproceedings{eberz-eder_sensibilitat_2022,
address = {Tänikon, Switzerland},
title = {Sensibilität für {Resilient} {Smart} {Farming} ({RSF}) und seine {Bedeutung} in {Krisenzeiten}},
url = {https://peasec.de/paper/2022/2022_EberzEderKuntkeReuter_SensibilitaetResilientSmartFarmingKrisen_GIL.pdf},
abstract = {Mit der globalen COVID-19-Pandemie und dem Hochwasser in West- und Mitteleuropa im Sommer 2021 hat unter anderem Deutschland in jüngster Vergangenheit zwei schwerwiegende Krisenszenarien erlebt. Die Auswirkungen auf die Gesellschaft und Wirtschaft sind verheerend. Parallel lassen sich Krisenereignisse im digitalen Raum, wie die Zunahme an Cyberkriminalität beobachten. Es wird zunehmend deutlich, dass die Resilienz analoger sowie digitaler Prozesse wichtiger für die vollständige Betriebsfähigkeit wird. Die vorliegende Arbeit setzt sich mit der Bedeutung des Resilient Smart Farming (RSF) in Krisenzeiten als Möglichkeit für eine nachhaltige, umweltgerechte und resiliente digitale Landwirtschaft auseinander. Dazu wurden u.a. lokale Schadensmeldungen gruppiert und mögliche RSF-Gegenmaßnahmen aufgezeigt. Im Ergebnis zeigt sich eine Bewertung von Konzepten des RSF hinsichtlich der Krisenprävention und -bewältigung anhand aktueller realer Beispiele. Aufgrund zunehmender Bedrohungen durch Naturkatastrophen und Cyberkriminialität gehen wir davon aus, dass die Aufmerksamkeit von Gesellschaft und Politik für die Resilienz der Primärproduktion weiter steigen wird.},
booktitle = {42. {GIL}-{Jahrestagung}: {Informatik} in der {Land}-, {Forst}- und {Ernährungswirtschaft}},
publisher = {Gesellschaft für Informatik},
author = {Eberz-Eder, Daniel and Kuntke, Franz and Reuter, Christian},
year = {2022},
keywords = {Projekt-AgriRegio, Projekt-GeoBox, Crisis},
}
[BibTeX] [Abstract] [Download PDF]
Over the past few decades, the number and variety of cyberattacks and malware patterns have increased immensely. As a countermeasure, computer emergency response teams were established with the responsibility of securing the cyber environment. However, recent studies revealed that currently performed manual processes and the unavailability of adequate tools impede the achievement of cybersecurity. To address these challenges, we followed the Design Science paradigm to develop an artefact that improves the evaluation of open-source intelligence obtained from Twitter as well as the actor-specific communication of cyber threat information. Subsequently, the implemented artefact will be evaluated through semi-structured interviews with subject matter experts. This research in progress article presents the identified research gap and describes the development process and the endeavor to contribute to the cybersecurity domain theoretically with design principles for the development of an instrument and practically by implementing an artefact that supports domain experts in their work.
@inproceedings{eyilmez_design_2022,
title = {A {Design} {Science} {Artefact} for {Cyber} {Threat} {Detection} and {Actor} {Specific} {Communication}},
url = {https://aisel.aisnet.org/cgi/viewcontent.cgi?article=1049&context=acis2022},
abstract = {Over the past few decades, the number and variety of cyberattacks and malware patterns have increased immensely. As a countermeasure, computer emergency response teams were established with the responsibility of securing the cyber environment. However, recent studies revealed that currently performed manual processes and the unavailability of adequate tools impede the achievement of cybersecurity. To address these challenges, we followed the Design Science paradigm to develop an artefact that improves the evaluation of open-source intelligence obtained from Twitter as well as the actor-specific communication of cyber threat information. Subsequently, the implemented artefact will be evaluated through semi-structured interviews with subject matter experts. This research in progress article presents the identified research gap and describes the development process and the endeavor to contribute to the cybersecurity domain theoretically with design principles for the development of an instrument and practically by implementing an artefact that supports domain experts in their work.},
booktitle = {Australasian {Conference} on {Information} {Systems} ({ACIS})},
publisher = {AIS Electronic Library (AISel)},
author = {Eyilmez, Kaan and Basyurt, Ali Sercan and Stieglitz, Stefan and Fuchss, Christoph and Kaufhold, Marc-André and Reuter, Christian and Mirabaie, Milad},
year = {2022},
keywords = {Student, Security, Projekt-CYWARN},
}
[BibTeX] [Abstract] [Download PDF]
The backbone network of submarine communication cables (SCC) carries 98\% of international internet traffic. Coastal and island states strongly depend on this physical internet infrastructure to provide internet connectivity. Although about 100 SCC breakdowns of human or natural origin occur at yearly average, a literature review reveals that there is no approach to assess individual state vulnerability to SCC failure in global comparison. In this article, the global SCC network is modeled based on publicly available data. Besides the analysis of the global network properties, a focus is put on remaining bandwidth capacities in three different failure scenario simulations of SCC breakdowns. As a result, this study identifies 15 highly vulnerable states and overseas territories, and another 28 territories that are classified as partially vulnerable to SCC failures. Since economic market decisions shape the structure of the SCC network, an uneven distribution of redundancies and the resulting vulnerability of disadvantaged economies can be confirmed. Therefore, the study’s findings may contribute to a better assessment of the necessity of preventive protection measures of critical telecommunication infrastructures in states and territories characterized by high and medium vulnerability.
@article{franken_digital_2022,
title = {The {Digital} {Divide} in {State} {Vulnerability} to {Submarine} {Communications} {Cable} {Failure}},
volume = {38},
url = {https://peasec.de/paper/2022/2022_FrankenReinholdReichertReuter_DigitalDivideStateVulnerabilitySubmarineCommunicationsCable_IJCIP.pdf},
doi = {10.1016/j.ijcip.2022.100522},
abstract = {The backbone network of submarine communication cables (SCC) carries 98\% of international internet traffic. Coastal and island states strongly depend on this physical internet infrastructure to provide internet connectivity. Although about 100 SCC breakdowns of human or natural origin occur at yearly average, a literature review reveals that there is no approach to assess individual state vulnerability to SCC failure in global comparison. In this article, the global SCC network is modeled based on publicly available data. Besides the analysis of the global network properties, a focus is put on remaining bandwidth capacities in three different failure scenario simulations of SCC breakdowns. As a result, this study identifies 15 highly vulnerable states and overseas territories, and another 28 territories that are classified as partially vulnerable to SCC failures. Since economic market decisions shape the structure of the SCC network, an uneven distribution of redundancies and the resulting vulnerability of disadvantaged economies can be confirmed. Therefore, the study's findings may contribute to a better assessment of the necessity of preventive protection measures of critical telecommunication infrastructures in states and territories characterized by high and medium vulnerability.},
number = {100522},
journal = {International Journal of Critical Infrastructure Protection (IJCIP)},
author = {Franken, Jonas and Reinhold, Thomas and Reichert, Lilian and Reuter, Christian},
year = {2022},
keywords = {Student, Projekt-AgriRegio, Security, Projekt-ATHENE-SecUrban, A-Paper, Selected, Ranking-ImpactFactor, AuswahlPeace},
pages = {1--15},
}
[BibTeX] [Abstract] [Download PDF]
Social media have come to play a vital role not only in our everyday lives, but also in times of conflict and crisis such as natural disasters or civil wars. Recent research has highlighted, on the one hand, the use of social media as a means of recruitment by terrorists and, on the other hand, the use of Facebook, Twitter etc. to gain the support of the population during insurgencies. This article conducts a qualitative content analysis of content on Twitter concerning the conflict in the Jammu and Kashmir region. The tweets following the death of a popular militant, Burhan Wani, cover three different themes: (1) criticism of intellectuals, (2) Burhan Wani’s impact on the conflict, and (3) tweets referring to the conflict itself. Generally, people use Twitter to make their own point of view clear to others and discredit the opposing party, at the same time tweets are reflecting the antagonism between the two parties to the conflict, India and Pakistan. The sample of tweets reflects the lack of awareness among people in the region regarding the motivations of the new generation of militancy emerging in Kashmir after 1990.
@article{gabel_discussing_2022,
title = {Discussing {Conflict} in {Social} {Media} – {The} {Use} of {Twitter} in the {Jammu} and {Kashmir} {Conflict}},
volume = {15},
url = {https://journals.sagepub.com/doi/full/10.1177/1750635220970997},
abstract = {Social media have come to play a vital role not only in our everyday lives, but also in times of conflict and crisis such as natural disasters or civil wars. Recent research has highlighted, on the one hand, the use of social media as a means of recruitment by terrorists and, on the other hand, the use of Facebook, Twitter etc. to gain the support of the population during insurgencies. This article conducts a qualitative content analysis of content on Twitter concerning the conflict in the Jammu and Kashmir region. The tweets following the death of a popular militant, Burhan Wani, cover three different themes: (1) criticism of intellectuals, (2) Burhan Wani's impact on the conflict, and (3) tweets referring to the conflict itself. Generally, people use Twitter to make their own point of view clear to others and discredit the opposing party, at the same time tweets are reflecting the antagonism between the two parties to the conflict, India and Pakistan. The sample of tweets reflects the lack of awareness among people in the region regarding the motivations of the new generation of militancy emerging in Kashmir after 1990.},
number = {4},
journal = {Media, War \& Conflict},
author = {Gabel, Sabrina and Reichert, Lilian and Reuter, Christian},
year = {2022},
keywords = {Peace, Crisis, HCI, Projekt-ATHENE-SecUrban, Ranking-ImpactFactor, SocialMedia},
pages = {1--26},
}
[BibTeX] [Abstract] [Download PDF]
Organizations affected by a cyber-attack usually rely on external Cyber Incident Response (CIR) consultants to conduct investigations and mitigate the impact. These CIR consultants need to make critical decisions that could have major impact on their clients. This preliminary investigation aims to get a better understanding of CIR decision-making and answers the following questions: (1.) To what extent do experienced CIR consultants use a Recognition-Primed Decision (RPD) Making strategy during their work? (2.) What are the implications for cyber crisis management as well as for training and decision-making? To answer these questions, we conducted a literature review and interviewed six experienced CIR consultants using the Critical Decision Method. Our analysis reveals that CIR consultants recognize situations based on past experiences and apply a course of action that has worked effectively in the past. This course of action is mainly aimed at collecting and evaluating more data. This finding differs from other operational domains such as the military and fire department, where recognition is usually followed immediately by action. For cyber crisis management, this means that crisis management teams should decide to what extent and in what ways they want to mitigate the risk of responding belatedly to cyber events, which could potentially lead to unnecessary data theft and sustained business disruption. Another implication is that crisis management teams should consider whether additional forensic investigation outweighs the expected benefits throughout the response process. For instance, if the likely entry-point of the attacker has been discovered, how much effort should be devoted to exclude other potential entry-points. Reflecting on the status-quo, several implications for training and decision-making are provided.
@inproceedings{groenendaal_towards_2022,
title = {Towards {More} {Insight} into {Cyber} {Incident} {Response} {Decision} {Making} and its {Implications} for {Cyber} {Crisis} {Management}},
url = {http://idl.iscram.org/files/jellegroenendaal/2022/2468_JelleGroenendaal_etal2022.pdf},
abstract = {Organizations affected by a cyber-attack usually rely on external Cyber Incident Response (CIR) consultants to conduct investigations and mitigate the impact. These CIR consultants need to make critical decisions that could have major impact on their clients. This preliminary investigation aims to get a better understanding of CIR decision-making and answers the following questions: (1.) To what extent do experienced CIR consultants use a Recognition-Primed Decision (RPD) Making strategy during their work? (2.) What are the implications for cyber crisis management as well as for training and decision-making? To answer these questions, we conducted a literature review and interviewed six experienced CIR consultants using the Critical Decision Method. Our analysis reveals that CIR consultants recognize situations based on past experiences and apply a course of action that has worked effectively in the past. This course of action is mainly aimed at collecting and evaluating more data. This finding differs from other operational domains such as the military and fire department, where recognition is usually followed immediately by action. For cyber crisis management, this means that crisis management teams should decide to what extent and in what ways they want to mitigate the risk of responding belatedly to cyber events, which could potentially lead to unnecessary data theft and sustained business disruption. Another implication is that crisis management teams should consider whether additional forensic investigation outweighs the expected benefits throughout the response process. For instance, if the likely entry-point of the attacker has been discovered, how much effort should be devoted to exclude other potential entry-points. Reflecting on the status-quo, several implications for training and decision-making are provided.},
booktitle = {Proceedings of the {Information} {Systems} for {Crisis} {Response} and {Management} ({ISCRAM})},
author = {Groenendaal, Jelle and Helsloot, Ira and Reuter, Christian},
year = {2022},
keywords = {Security, UsableSec},
}
[BibTeX] [Abstract] [Download PDF]
The impact of the rapid technological change on peace and security continuously grows and becomes increasingly complex. Against the background of a quickly deteriorating security environment, the international conference SCIENCE · PEACE · SECURITY ’21 (RWTH Aachen University, 8-10 September 2021) examined the role of emerging technologies. The 60 speakers and 220 participants came from the natural, technical and social sciences. Diplomats and representatives from international organisations participated in the discussions. Topics included nuclear, chemical and biological arms control, autonomy in weapon systems, cybersecurity and the militarization of space among others. The main outcome was that all of these issues could be more effectively addressed by new approaches to rigorous interdisciplinary research collaboration to create policy-relevant knowledge and by tightening the nexus between the scientist and policy communities. Both can only be achieved and sustained by funding novel structures that enable scientific-technical scholars to engage on these topics. Key problems to be addressed by integrating natural, technical and social science perspectives include early risk assessment of potential dual-use research and technologies – especially in bio-security and epidemiology as well as IT and robotic research. Ways forward are the inclusion of norms into technology design as well as addressing questions of responsibility and standards. For military-usable technologies, entirely new regulatory approaches are necessary to prevent escalatory dynamics and to maintain accountability structures, moving from object-based to behaviour-based approaches. Scientific-technical research contributes to peace and security in positive ways. A prominent example are nuclear verification techniques. While instruments to monitor nonproliferation and test ban commitments benefit from further improvement, many gaps on how to verify future arms control and disarmament agreements still exist and must be urgently closed. The best cutting-edge scientific and academic expertise that is required for these complex research tasks is found in universities and other independent research institutes. Typically, however, decisionmakers draw knowledge from governmental institutions because of ease and existing connections. Therefore, efforts should be made to better connect the policy and academic communities. Communication between both can be improved by meeting on a regular basis and not only when advice on a specific issue is sought. This can foster more stable relationships and increase an understanding of each other. Lastly, opportunities should be improved for the younger generation of scientists and technologists to engage with policymakers. It is crucial to educate and engage early-on the next generation of scientifically-literate policymakers and security-aware scientists.
@book{gottsche_conference_2022,
address = {Aachen},
title = {Conference {Proceedings} : {Science}, {Peace}, {Security} '21 : {The} {Impact} of new {Technologies}: {Destabilizing} or {Enabling} {Resilience}? : 8-10 {September} 2021},
url = {https://peasec.de/paper/2022/2022_Goettscheetal_ProceedingsSciencePeaceSecurity21ImpactOfNewTechnologies.pdf},
abstract = {The impact of the rapid technological change on peace and security continuously grows and becomes increasingly complex. Against the background of a quickly deteriorating security environment, the international conference SCIENCE · PEACE · SECURITY ’21 (RWTH Aachen University, 8-10 September 2021) examined the role of emerging technologies. The 60 speakers and 220 participants came from the natural, technical and social sciences. Diplomats and representatives from international organisations participated in the discussions. Topics included nuclear, chemical and biological arms control, autonomy in weapon systems, cybersecurity and the militarization of space among others.
The main outcome was that all of these issues could be more effectively addressed by new approaches to rigorous interdisciplinary research collaboration to create policy-relevant knowledge and by tightening the nexus between the scientist and policy communities. Both can only be achieved and sustained by funding novel structures that enable scientific-technical scholars to engage on these topics.
Key problems to be addressed by integrating natural, technical and social science perspectives include early risk assessment of potential dual-use research and technologies – especially in bio-security and epidemiology as well as IT and robotic research. Ways forward are the inclusion of norms into technology design as well as addressing questions of responsibility and standards. For military-usable technologies, entirely new regulatory approaches are necessary to prevent escalatory dynamics and to maintain accountability structures, moving from object-based to behaviour-based approaches.
Scientific-technical research contributes to peace and security in positive ways. A prominent example are nuclear verification techniques. While instruments to monitor nonproliferation and test ban commitments benefit from further improvement, many gaps on how to verify future arms control and disarmament agreements still exist and must be urgently closed.
The best cutting-edge scientific and academic expertise that is required for these complex research tasks is found in universities and other independent research institutes. Typically, however, decisionmakers draw knowledge from governmental institutions because of ease and existing connections. Therefore, efforts should be made to better connect the policy and academic communities. Communication between both can be improved by meeting on a regular basis and not only when advice on a specific issue is sought. This can foster more stable relationships and increase an understanding of each other.
Lastly, opportunities should be improved for the younger generation of scientists and technologists to engage with policymakers. It is crucial to educate and engage early-on the next generation of scientifically-literate policymakers and security-aware scientists.},
publisher = {RWTH Aachen University},
author = {Göttsche, Malte and Bauer, Sibylle and Dahlmann, Anja and Frieß, Friederike and Lentzos, Filippa and Neuneck, Götz and Niemeyer, Irmgard and Riebe, Thea and Silomon, Jantje and Reuter, Christian and Brochhaus, Jakob and Rademacher, Lukas},
year = {2022},
doi = {10.18154/RWTH-2022-02256},
keywords = {Peace},
}
[BibTeX] [Abstract] [Download PDF]
Nudging users to keep them secure online has become a growing research field in cybersecurity. While existing approaches are mainly blackbox based, showing aggregated visualisations as one-size-fits-all nudges, personalisation turned out promising to enhance the efficacy of nudges within the high variance of users and contexts. This article presents a disaggregated whitebox-based visualisation of critical information as a novel nudge. By segmenting users according to their decision-making and information processing styles, we investigate if the novel nudge is more effective for specific users than a common black-box nudge. Based on existing literature about critical factors in password security, we designed a dynamic radar chart and parallel coordinates as disaggregated visualisations. We evaluated the short-term effectiveness and users‘ perception of the nudges in a think-aloud prestudy and a representative online evaluation (N=1.012). Our findings suggest that dynamic radar charts present a moderately effective nudge towards stronger passwords regarding short-term efficacy and are appreciated particularly by players of role-playing games.
@article{hartwig_nudging_2022,
title = {Nudging {Users} {Towards} {Better} {Security} {Decisions} in {Password} {Creation} {Using} {Whitebox}-based {Multidimensional} {Visualizations}},
volume = {41},
url = {https://peasec.de/paper/2022/2022_HartwigReuter_WhiteboxMultidimensionalNudges_BIT.pdf},
doi = {10.1080/0144929X.2021.1876167},
abstract = {Nudging users to keep them secure online has become a growing research field in cybersecurity. While existing approaches are mainly blackbox based, showing aggregated visualisations as one-size-fits-all nudges, personalisation turned out promising to enhance the efficacy of nudges within the high variance of users and contexts. This article presents a disaggregated whitebox-based visualisation of critical information as a novel nudge. By segmenting users according to their decision-making and information processing styles, we investigate if the novel nudge is more effective for specific users than a common black-box nudge. Based on existing literature about critical factors in password security, we designed a dynamic radar chart and parallel coordinates as disaggregated visualisations. We evaluated the short-term effectiveness and users' perception of the nudges in a think-aloud prestudy and a representative online evaluation (N=1.012). Our findings suggest that dynamic radar charts present a moderately effective nudge towards stronger passwords regarding short-term efficacy and are appreciated particularly by players of role-playing games.},
number = {7},
journal = {Behaviour \& Information Technology (BIT)},
author = {Hartwig, Katrin and Reuter, Christian},
year = {2022},
keywords = {Security, UsableSec, HCI, Projekt-ATHENE-FANCY, Projekt-CROSSING, A-Paper, AuswahlUsableSec, Selected, Ranking-CORE-A, Ranking-ImpactFactor},
pages = {1357--1380},
}
[BibTeX] [Abstract] [Download PDF]
Warning and emergency apps are an integral part of crisis informatics and particularly relevant in countries that currently do not have cell broadcast, such as Germany. Previous studies have shown that such apps are regarded as relevant, but only around 16\% of German citizens used them in 2017 and 2019. With the COVID-19 pandemic and a devastating flash flood, Germany has recently experienced severe crisis-related losses. By comparing data from representative surveys from 2017, 2019 and 2021, this study investigates whether these events have changed the perceptions of warning apps and their usage patterns in Germany. The study shows that while multi-hazard emergency and warning apps have been easily surpassed in usage by COVID-19 contact tracing apps, the use of warning apps has also increased and the pandemic has added new desired features. While these have been little-used during the COVID-19 pandemic, especially non-users see smartphone messengers app channels as possible alternatives to warning apps. In addition, regional warning apps appear promising, possibly because they make choosing a warning app easier when there are several available on the market.
@inproceedings{haunschild_perceptions_2022,
address = {New York},
title = {Perceptions and {Use} of {Warning} {Apps} – {Did} {Recent} {Crises} {Lead} to {Changes} in {Germany}?},
url = {http://www.peasec.de/paper/2022/2022_HaunschildKaufholdReuter_WarningAppsChangesGermany_MuC.pdf},
doi = {10.1145/3543758.3543770},
abstract = {Warning and emergency apps are an integral part of crisis informatics and particularly relevant in countries that currently do not have cell broadcast, such as Germany. Previous studies have shown that such apps are regarded as relevant, but only around 16\% of German citizens used them in 2017 and 2019. With the COVID-19 pandemic and a devastating flash flood, Germany has recently experienced severe crisis-related losses. By comparing data from representative surveys from 2017, 2019 and 2021, this study investigates whether these events have changed the perceptions of warning apps and their usage patterns in Germany. The study shows that while multi-hazard emergency and warning apps have been easily surpassed in usage by COVID-19 contact tracing apps, the use of warning apps has also increased and the pandemic has added new desired features. While these have been little-used during the COVID-19 pandemic, especially non-users see smartphone messengers app channels as possible alternatives to warning apps. In addition, regional warning apps appear promising, possibly because they make choosing a warning app easier when there are several available on the market.},
language = {en},
booktitle = {Mensch und {Computer} - {Tagungsband}},
publisher = {ACM},
author = {Haunschild, Jasmin and Kaufhold, Marc-André and Reuter, Christian},
year = {2022},
keywords = {Crisis, Projekt-CYWARN, Projekt-emergenCITY, Projekt-ATHENE-SecUrban},
}
[BibTeX] [Abstract] [Download PDF]
Mobile technologies and social media services are among the socio-technological innovations that have an enormous impact transforming modern culture and political processes. Social media are often defined as a “group of internet-based applications […] that allow the creation and exchange of user-generated content” (Kaplan and Haenlein 2010). Shaping opinions, politics, participation, and protest (Wulf et al. 2013), they are used by citizens for news consumption and social exchange (Robinson et al. 2017); by journalists for reporting, analyzing, and collecting information (Stieglitz et al. 2018a); and by organizations to monitor crises, emergencies, customer feedback, and sentiment, among others (Haunschild et al. 2020). Large-scale international events, such as the 2010 Arab Spring, showcased the potential of socio-technological transformations: Citizens were not passive victims but active and autonomous participants utilizing social media to coordinate protest and for crisis response (Reuter and Kaufhold 2018). However, in other cases, citizens’ activities coordinated via social media also increased the complexity of tasks and pressure for formal authorities, since the lack of state control has not had only empowering or benign effects. Instead, on social media, false information spreads fast and it is easy for groups to find an audience there, either to enhance their profit or to target vulnerable groups with dangerous ideology.
@incollection{haunschild_cultural_2022,
title = {Cultural {Violence} and {Fragmentation} on {Social} {Media}: {Interventions} and {Countermeasures} by {Humans} and {Social} {Bots}},
isbn = {978-0-367-62674-7},
url = {https://peasec.de/paper/2022/2022_HaunschildKaufholdReuter_SocialMediaAndFragmentation_Routledge.pdf},
abstract = {Mobile technologies and social media services are among the socio-technological innovations that have an enormous impact transforming modern culture and political processes. Social media are often defined as a “group of internet-based applications […] that allow the creation and exchange of user-generated content” (Kaplan and Haenlein 2010). Shaping opinions, politics, participation, and protest (Wulf et al. 2013), they are used by citizens for news consumption and social exchange (Robinson et al. 2017); by journalists for reporting, analyzing, and collecting information (Stieglitz et al. 2018a); and by organizations to monitor crises, emergencies, customer feedback, and sentiment, among others (Haunschild et al. 2020). Large-scale international events, such as the 2010 Arab Spring, showcased the potential of socio-technological transformations: Citizens were not passive victims but active and autonomous participants utilizing social media to coordinate protest and for crisis response (Reuter and Kaufhold 2018). However, in other cases, citizens’ activities coordinated via social media also increased the complexity of tasks and pressure for formal authorities, since the lack of state control has not had only empowering or benign effects. Instead, on social media, false information spreads fast and it is easy for groups to find an audience there, either to enhance their profit or to target vulnerable groups with dangerous ideology.},
booktitle = {Cyber {Security} {Politics}: {Socio}-{Technological} {Transformations} and {Political} {Fragmentation}},
publisher = {Routledge},
author = {Haunschild, Jasmin and Kaufhold, Marc-André and Reuter, Christian},
editor = {Cavelty, Myriam Dunn and Wenger, Andreas},
year = {2022},
keywords = {Peace, Crisis, Projekt-CYWARN, Projekt-emergenCITY, Projekt-ATHENE-SecUrban, SocialMedia},
pages = {48--63},
}
[BibTeX] [Abstract] [Download PDF]
Besides the merits of increasing digitization and networking, societies are increasling exposed to cyberattacks. In Germany, Computer Emerrgency Response Teams (CERTs) of the public sector operate on federal and state level to provide preventative and reactive information security services for authorities, citizens, and enterprises. Their tasks of monitoring, analyzing, and communicating threats is getting more complex by the increasing information quantity disseminated into relevant public channels. Using the lens of design science research, this paper contributes with the design and evaluation of a cross-platform cybersecurity dashboard for CERTs. Based on expert scenario-based walkthroughs in combination with semi-structured interviews (N=12), it discusses six design implications, including the customizability of data sources and filtering of displayed entities, modular integration of additional information sources, interrelation between different information feeds, intelligent algorithms for content assessment and filtering, integration with security software and systems, as well as export, sharing and communication of relevant data.
@inproceedings{kaufhold_cyber_2022,
address = {Timisoara, Romania},
title = {Cyber {Threat} {Observatory}: {Design} and {Evaluation} of an {Interactive} {Dashboard} for {Computer} {Emergency} {Response} {Teams}},
url = {http://www.peasec.de/paper/2022/2022_KaufholdBasyurtEyilmezStoettingerReuter_CyberThreatObservatory_ECIS.pdf},
abstract = {Besides the merits of increasing digitization and networking, societies are increasling exposed to cyberattacks. In Germany, Computer Emerrgency Response Teams (CERTs) of the public sector operate on federal and state level to provide preventative and reactive information security services for authorities, citizens, and enterprises. Their tasks of monitoring, analyzing, and communicating threats is getting more complex by the increasi