Dr. Thea Riebe

@inproceedings{kaufhold_we_2024,
address = {New York, NY, USA},
series = {{CHI} '24},
title = {'{We} {Do} {Not} {Have} the {Capacity} to {Monitor} {All} {Media}': {A} {Design} {Case} {Study} on {Cyber} {Situational} {Awareness} in {Computer} {Emergency} {Response} {Teams}},
isbn = {9798400703300},
url = {https://peasec.de/paper/2024/2024_KaufholdRiebeBayerReuter_CertDesignCaseStudy_CHI.pdf},
doi = {10.1145/3613904.3642368},
abstract = {Computer Emergency Response Teams (CERTs) have been established in the public sector globally to provide advisory, preventive and reactive cybersecurity services for government agencies, citizens, and businesses. Nevertheless, their responsibility of monitoring, analyzing, and communicating cyber threats and security vulnerabilities have become increasingly challenging due to the growing volume and varying quality of information disseminated through public and social channels. Based on a design case study conducted from 2021 to 2023, this paper combines three iterations of expert interviews (N=25), design workshops (N=4) and cognitive walkthroughs (N=25) to design an automated, cross-platform and real-time cybersecurity dashboard. By adopting the notion of cyber situational awareness, the study further extracts user requirements and design heuristics for enhanced threat intelligence and mission awareness in CERTs, discussing the aspects of source integration, data management, customizable visualization, relationship awareness, information assessment, software integration, (inter-)organizational collaboration, and communication of stakeholder warnings.},
booktitle = {Proceedings of the {Conference} on {Human} {Factors} in {Computing} {Systems} ({CHI}) ({Best} {Paper} {Award})},
publisher = {Association for Computing Machinery},
author = {Kaufhold, Marc-André and Riebe, Thea and Bayer, Markus and Reuter, Christian},
year = {2024},
keywords = {HCI, Selected, UsableSec, Security, A-Paper, Ranking-CORE-A*, Projekt-CYWARN, AuswahlUsableSec, AuswahlKaufhold, Projekt-CYLENCE, Projekt-ATHENE-CyAware},
}

@incollection{reuter_peace_2024,
address = {Wiesbaden, Germany},
title = {Peace {Informatics}: {Bridging} {Peace} and {Conflict} {Studies} with {Computer} {Science}},
abstract = {Advances in science and technology play a crucial role in the context of peace, conflict and security. As information technology (IT) is becoming omnipresent, this includes both the resilience of IT infrastructures e.g. as a target in cases of conflict and the role of IT applications to prevent and manage conflicts, crises and disasters. This chapter is an introduction to IT and its role in war and peace, in conflicts and crises as well as in safety and security. Based on those connections a new field of research has emerged: IT peace research. It is introduced in this chapter which provides an overview of the inter-disciplinary concepts of peace, conflict and security. In addition, the research disciplines computer science and peace and conflict studies as the basis of IT peace research are explained. Moreover, the chapter focuses on the specific research topics of IT peace research and presents the institutionalised research landscape in Germany.},
booktitle = {Information {Technology} for {Peace} and {Security} - {IT} {Applications} and {Infrastructures} in {Conflicts}, {Crises}, {War}, and {Peace}},
publisher = {Springer Vieweg},
author = {Reuter, Christian and Gonsior, Anja-Liisa and Riebe, Thea and Kaufhold, Marc-André},
editor = {Reuter, Christian},
year = {2024},
keywords = {Security, Peace, Infrastructure},
}

@incollection{reuter_outlook_2024,
address = {Wiesbaden, Germany},
title = {Outlook: {The} {Future} of {IT} in {Peace} and {Security}},
abstract = {Not only today, but also in the future information technology and the advances in the field of computer science will have a high relevance for peace and security. Naturally, a textbook like this can only cover a selective part of research and a certain point in time. Nonetheless, it can be attempted to identify trends, challenges and venture an outlook into the future. That is exactly what we want to achieve in this chapter: To predict fu-ture developments and try to classify them correctly. These considerations were made both by the editor and the authors involved alike. Therefore, an outlook based on fun-damentals, cyber conflicts and war, cyber peace, cyber arms control, infrastructures as well as social interaction is given.},
booktitle = {Information {Technology} for {Peace} and {Security} - {IT} {Applications} and {Infrastructures} in {Conflicts}, {Crises}, {War}, and {Peace}},
publisher = {Springer Vieweg},
author = {Reuter, Christian and Aal, Konstantin and Altmann, Jürgen and Bernhardt, Ute and Denker, Kai and Franken, Jonas and Gonsior, Anja-Liisa and Guntrum, Laura and Herrmann, Dominik and Hollick, Matthias and Katzenbeisser, Stefan and Kaufhold, Marc-André and Reinhold, Thomas and Riebe, Thea and Ruhmann, Ingo and Saalbach, Klaus-Peter and Schirch, Lisa and Schmid, Stefka and Schörnig, Niklas and Sunyaev, Ali and Wulf, Volker},
editor = {Reuter, Christian},
year = {2024},
keywords = {Security, Peace, Projekt-CROSSING},
}

@techreport{reuter_technologie_2024,
address = {Wissenschaft und Frieden},
title = {​​{Technologie} und die {Transformation} {Politischer} {Gewalt}},
url = {http://www.peasec.de/paper/2024/2024_ReuterRiebeGuntrum_TechnologieTransformationPolitischeGewalt_WundF.pdf},
abstract = {Die Konferenz Science · Peace · Security ’23 fand vom 20. bis 22. September 2023 an der Technischen Universität Darmstadt statt. Sie widmete sich dem Wandel von Technologien, deren Rolle in Kriegen und Konflikten sowie Fragen der Rüstungskontrolle. Ausgerichtet wurde die englischsprachige Konferenz von TraCe, einem hessischen BMBF-Forschungsverbund zu Transformationen politischer Gewalt, vom DFG-Sonderforschungsbereich CROSSING zu kryptografiebasierten Sicherheitslösungen und vom Forschungsverbund Naturwissenschaft, Abrüstung und internationale Sicherheit FONAS.
Der Krieg Russlands gegen die Ukraine macht die Bedeutung der Friedens- und Konfliktforschung und deren technische Dimension, unter anderem, offensichtlich. Bereits 2019 hat der Wissenschaftsrat als wichtigstes wissenschaftspolitisches Beratungsgremium in Deutschland seine Empfehlungen zur Weiterentwicklung der Friedens- und Konfliktforschung veröffentlicht. Darin weist er auf einen dringenden Handlungsbedarf zur Stärkung der naturwissenschaftlich-technischen Friedens- und Konfliktforschung hin. Die Konferenzreihe Science · Peace · Security möchte einen kleinen Beitrag dazu leisten. Sie wurde 2019 in Darmstadt gegründet, fand 2021 an der RWTH Aachen statt, und soll 2025 am Forschungszentrum Jülich stattfinden.},
author = {Reuter, Christian and Riebe, Thea and Guntrum, Laura},
year = {2024},
keywords = {Peace},
}

@incollection{reuter_teaching_2024,
address = {Wiesbaden, Germany},
title = {Teaching {Peace} {Informatics}: {Reflections} from {Lectures} and {Exercises}},
booktitle = {Information {Technology} for {Peace} and {Security} - {IT} {Applications} and {Infrastructures} in {Conflicts}, {Crises}, {War}, and {Peace}},
publisher = {Springer Vieweg},
author = {Reuter, Christian and Riebe, Thea and Haunschild, Jasmin and Reinhold, Thomas and Schmid, Stefka},
editor = {Reuter, Christian},
year = {2024},
keywords = {Security, Peace, Infrastructure},
}

@article{reuter_informatik_2024,
title = {Informatik für den {Frieden}: {Perspektive} von {PEASEC} zu 40 {Jahren} {FIfF}},
journal = {FIfF-Kommunikation},
author = {Reuter, Christian and Franken, Jonas and Reinhold, Thomas and Kuehn, Philipp and Kaufhold, Marc-André and Riebe, Thea and Hartwig, Katrin and Biselli, Tom and Schmid, Stefka and Guntrum, Laura and Haesler, Steffen},
year = {2024},
keywords = {Security, Peace},
}

@incollection{riebe_dual-use_2024,
address = {Wiesbaden, Germany},
title = {Dual-{Use} {Information} {Technology}: {Research}, {Development} and {Governance}},
isbn = {978-3-658-25652-4},
booktitle = {Information {Technology} for {Peace} and {Security} - {IT} {Applications} and {Infrastructures} in {Conflicts}, {Crises}, {War}, and {Peace}},
publisher = {Springer Vieweg},
author = {Riebe, Thea and Schmid, Stefka and Reuter, Christian},
editor = {Reuter, Christian},
year = {2024},
keywords = {Peace},
}

@incollection{riebe_creative_2024,
title = {Creative {Uses} of {Technology}: {Dual} {Use} {Governance}, {Assessment} and {Design}},
booktitle = {Conflict \& {Health} {Handbook}},
publisher = {De Gruyter},
author = {Riebe, Thea and Schmid, Stefka and Reuter, Christian},
editor = {Hagopian, Amy and Birch, Marion},
year = {2024},
keywords = {Peace},
}

@article{gonsior_friedensinformatik_2023,
title = {Friedensinformatik: heute und morgen},
volume = {2023},
url = {https://peasec.de/paper/2023/2023_GonsiorRiebeSchmidReinholdReuter_FriedensinformatikHeuteMorgen_WundF.pdf},
number = {4},
journal = {FIfF-Kommunikation},
author = {Gonsior, Anja-Liisa and Riebe, Thea and Schmid, Stefka and Reinhold, Thomas and Reuter, Christian},
year = {2023},
keywords = {Peace},
pages = {34--37},
}

@book{reuter_science_2023,
address = {Darmstadt, Germany},
title = {Science {Peace} {Security} ‘23 - {Proceedings} of the {Interdisciplinary} {Conference} on {Technical} {Peace} and {Security} {Research}},
url = {https://tuprints.ulb.tu-darmstadt.de/id/eprint/24777},
abstract = {The conference Science · Peace · Security '23 took place from September 20 to 22, 2023, at the Georg-Christoph-Lichtenberg-Haus of the Technical University of Darmstadt. It focused on the transformation of technologies, their role in wars and conflicts, and issues related to arms control. The three-day scientific conference welcomed over 110 participants from Germany and speakers from the United Kingdom, Sweden, the USA, Colombia, India, Italy, Switzerland, Norway, the Czech Republic, Iraq, Austria, and the Netherlands. More than 50 different organizations were represented, ensuring interdisciplinary exchange. The program covered a wide range of topics reflecting societal discourses in light of a changing global security landscape. In total, the conference featured 40 presentations, workshops, discussions, and panels that discussed current and future challenges in the field of technical peace and conflict research. Particularly relevant topics included: Artificial Intelligence, Unmanned Weapons Systems, Rocket and Space Technologies (Nuclear) Arms Control, Regulation of Biological and Chemical Weapons, Information Technologies for Surveillance and Oppression of Civilians, (Civilian) Critical Infrastructures, Digital Peacebuilding, Human-Machine Interaction, Dual-Used, Cyber Attacks and Relevant Technology and Security Policies.},
publisher = {TUprints},
author = {Reuter, Christian and Riebe, Thea and Guntrum, Laura},
year = {2023},
doi = {10.26083/tuprints-00024777},
keywords = {Security, Peace, Projekt-CROSSING, Projekt-TraCe},
}

@incollection{reuter_science_2023-1,
address = {Darmstadt, Germany},
title = {Science {Peace} {Security} ’23: {Editorial} of the {Proceedings} of the {Interdisciplinary} {Conference} on {Technical} {Peace} and {Security} {Research}},
url = {https://tuprints.ulb.tu-darmstadt.de/id/eprint/24777},
abstract = {The conference Science · Peace · Security '23 took place from September 20 to 22, 2023, at the Georg-Christoph-Lichtenberg-Haus of the Technical University of Darmstadt. It focused on the transformation of technologies, their role in wars and conflicts, and issues related to arms control. The three-day scientific conference welcomed over 110 participants from Germany and speakers from the United Kingdom, Sweden, the USA, Colombia, India, Italy, Switzerland, Norway, the Czech Republic, Iraq, Austria, and the Netherlands. More than 50 different organizations were represented, ensuring interdisciplinary exchange. The program covered a wide range of topics reflecting societal discourses in light of a changing global security landscape. In total, the conference featured 40 presentations, workshops, discussions, and panels that discussed current and future challenges in the field of technical peace and conflict research. Particularly relevant topics included: Artificial Intelligence, Unmanned Weapons Systems, Rocket and Space Technologies (Nuclear) Arms Control, Regulation of Biological and Chemical Weapons, Information Technologies for Surveillance and Oppression of Civilians, (Civilian) Critical Infrastructures, Digital Peacebuilding, Human-Machine Interaction, Dual-Used, Cyber Attacks and Relevant Technology and Security Policies.},
booktitle = {Science {Peace} {Security} ’23: {Proceedings} of the {Interdisciplinary} {Conference} on {Technical} {Peace} and {Security} {Research}},
publisher = {TUprints},
author = {Reuter, Christian and Riebe, Thea and Guntrum, Laura},
editor = {Reuter, Christian and Riebe, Thea and Guntrum, Laura},
year = {2023},
doi = {10.26083/tuprints-00024777},
keywords = {Security, Peace, Projekt-CROSSING, Projekt-TraCe},
pages = {9--13},
}

@book{riebe_technology_2023,
address = {Darmstadt, Germany},
title = {Technology {Assessment} of {Dual}-{Use} {ICTs} – {How} to assess {Diffusion}, {Governance} and {Design}},
url = {https://tuprints.ulb.tu-darmstadt.de/22849/},
abstract = {Technologies that can be used in military and civilian applications are referred to as dual-use. The dual-use nature of many information and communications technologies (ICTs) raises new questions for research and development for national, international, and human security. Measures to deal with the risks associated with the various dual-use technologies, including proliferation control, design approaches, and policy measures, vary widely. For example, Autonomous Weapon Systems (AWS) have not yet been regulated, while cryptographic products are subject to export and import controls. Innovations in artificial intelligence (AI), robotics, cybersecurity, and automated analysis of publicly available data raise new questions about their respective dual-use risks.
Dual-use risks have been systematically discussed so far, especially in the life sciences, which have contributed to the development of methods for assessment and risk management. Dual-use risks arise, among other things, from the fact that safety-critical technologies can be easily disseminated or modified, as well as used as part of a weapon system. Therefore, the development and adaptation of robots and software requires an independent consideration that builds on the insights of related dual-use discourses. Therefore, this dissertation considers the management of such risks in terms of the proliferation, regulation, and design of individual dual-use information technologies. Technology Assessment (TA) is the epistemological framework for this work, bringing together the concepts and approaches of Critical Security Studies (CSS) and Human-Computer Interaction (HCI) to help evaluate and shape dual-use technologies.
In order to identify the diffusion of dual-use at an early stage, the dissertation first examines the diffusion of dual-use innovations between civilian and military research in expert networks on LinkedIn, as well as on the basis of AI patents in a patent network. The results show low diffusion and tend to confirm existing studies on diffusion in patent networks. In the following section, the regulation of dual-use technologies is examined in the paper through two case studies. The first study uses a discourse analysis to show the value conflicts with regard to the regulation of autonomous weapons systems using the concept of Meaningful Human Control (MHC), while a second study, as a long-term comparative case study, analyzes the change and consequences of the regulation of strong cryptography in the U.S. as well as the programs of intelligence agencies for mass surveillance. Both cases point to the central role of private companies, both in the production of AWS and as intermediaries for the dissemination of encryption, as well as surveillance intermediaries. Subsequently, the dissertation examines the design of a dual-use technology using an Open Source Intelligence System (OSINT) for cybersecurity. For this purpose, conceptual, empirical, and technical studies are conducted as part of the Value-Sensitive Design (VSD) framework. During the studies, implications for research on and design of OSINT were identified. For example, the representative survey of the German population has shown that transparency of use while reducing mistrust is associated with higher acceptance of such systems. Additionally, it has been shown that data sparsity through the use of expert networks has many positive effects, not only improving the performance of the system, but is also preferable for legal and social reasons. Thus, the work contributes to the understanding of specific dual-use risks of AI, the regulation of AWS and cryptography, and the design of OSINT in cybersecurity. By combining concepts from CSS and participatory design methods in HCI, this work provides an interdisciplinary and multi-method contribution.},
publisher = {Dissertation (Dr. rer. nat.), Department of Computer Science, Technische Universität Darmstadt},
author = {Riebe, Thea},
year = {2023},
doi = {10.26083/tuprints-00022849},
keywords = {HCI, Projekt-KontiKat, Peace, Projekt-DualUse, Projekt-CYWARN, Dissertation},
}

@article{riebe_values_2023,
title = {Values and {Value} {Conflicts} in the {Context} of {OSINT} {Technologies} for {Cybersecurity} {Incident} {Response}: {A} {Value} {Sensitive} {Design} {Perspective}},
url = {https://link.springer.com/article/10.1007/s10606-022-09453-4},
doi = {10.1007/s10606-022-09453-4},
abstract = {The negotiation of stakeholder values as a collaborative process throughout technology development has been studied extensively within the fields of Computer Supported Cooperative Work and Human-Computer Interaction. Despite their increasing significance for cybersecurity incident response, there is a gap in research on values of importance to the design of open-source intelligence (OSINT) technologies for this purpose. In this paper, we investigate which values and value conflicts emerge due to the application and development of machine learning (ML) based OSINT technologies to assist cyber security incident response operators. For this purpose, we employ a triangulation of methods, consisting of a systematic survey of the technical literature on the development of OSINT artefacts for cybersecurity (N = 73) and an empirical value sensitive design case study, comprising semi-structured interviews with stakeholders (N = 9) as well as a focus group (N = 7) with developers. Based on our results, we identify implications relevant to the research on and design of OSINT artefacts for cybersecurity incident response.},
journal = {Computer Supported Cooperative Work: The Journal of Collaborative Computing (JCSCW)},
author = {Riebe, Thea and Bäumler, Julian and Kaufhold, Marc-André and Reuter, Christian},
year = {2023},
keywords = {HCI, Student, UsableSec, Security, A-Paper, Ranking-ImpactFactor, Ranking-CORE-B, Projekt-CROSSING, Projekt-ATHENE-SecUrban, Projekt-CYWARN},
}

@article{riebe_privacy_2023,
title = {Privacy {Concerns} and {Acceptance} {Factors} of {OSINT} for {Cybersecurity}: {A} {Representative} {Survey}},
url = {https://petsymposium.org/popets/2023/popets-2023-0028.pdf},
doi = {https://doi.org/10.56553/popets-2023-0028},
abstract = {The use of Open Source Intelligence (OSINT) to monitor and detect cybersecurity threats is gaining popularity among Cybersecurity Emergency or Incident Response Teams (CERTs/CSIRTs). They increasingly use semi-automated OSINT approaches when monitoring cyber threats for public infrastructure services and incident response. Most of the systems use publicly available data, often focusing on social media due to timely data for situational assessment. As indirect and affected stakeholders, the acceptance of OSINT systems by users, as well as the conditions which influence the acceptance, are relevant for the development of OSINT systems for cybersecurity. Therefore, as part of the ethical and social technology assessment, we conducted a survey (N=1,093), in which we asked participants about their acceptance of OSINT systems, their perceived need for open source surveillance, as well as their privacy behavior and concerns. Further, we tested if the awareness of OSINT is an interactive factor that affects other factors. Our results indicate that cyber threat perception and the perceived need for OSINT are positively related to acceptance, while privacy concerns are negatively related. The awareness of OSINT, however, has only shown effects on people with higher privacy concerns. Here, particularly high OSINT awareness and limited privacy concerns were associated with higher OSINT acceptance. Lastly, we provide implications for further research and the use of OSINT systems for cybersecurity by authorities. As OSINT is a framework rather than a single technology, approaches can be selected and combined to adhere to data minimization and anonymization as well as to leverage improvements in privacy-preserving computation and machine learning innovations. Regarding the use of OSINT, the results suggest to favor approaches that provide transparency to users regarding the use of the systems and the data they gather.},
number = {1},
journal = {Proceedings on Privacy Enhancing Technologies (PoPETs)},
author = {Riebe, Thea and Biselli, Tom and Kaufhold, Marc-André and Reuter, Christian},
year = {2023},
keywords = {HCI, UsableSec, Security, A-Paper, Ranking-CORE-A, Projekt-CYWARN, Projekt-ATHENE-FANCY, AuswahlUsableSec},
pages = {477--493},
}

@book{riebe_technology_2023-1,
address = {Wiesbaden, Germany},
title = {Technology {Assessment} of {Dual}-{Use} {ICTs} – {How} to assess {Diffusion}, {Governance} and {Design}},
isbn = {978-3-658-41666-9},
url = {https://link.springer.com/book/10.1007/978-3-658-41667-6},
abstract = {Technologies that can be used in military and civilian applications are referred to as dual-use. The dual-use nature of many information and communications technologies (ICTs) raises new questions for research and development for national, international, and human security. Measures to deal with the risks associated with the various dual-use technologies, including proliferation control, design approaches, and policy measures, vary widely. For example, Autonomous Weapon Systems (AWS) have not yet been regulated, while cryptographic products are subject to export and import controls. Innovations in artificial intelligence (AI), robotics, cybersecurity, and automated analysis of publicly available data raise new questions about their respective dual-use risks.
Dual-use risks have been systematically discussed so far, especially in the life sciences, which have contributed to the development of methods for assessment and risk management. Dual-use risks arise, among other things, from the fact that safety-critical technologies can be easily disseminated or modified, as well as used as part of a weapon system. Therefore, the development and adaptation of robots and software requires an independent consideration that builds on the insights of related dual-use discourses. Therefore, this dissertation considers the management of such risks in terms of the proliferation, regulation, and design of individual dual-use information technologies. Technology Assessment (TA) is the epistemological framework for this work, bringing together the concepts and approaches of Critical Security Studies (CSS) and Human-Computer Interaction (HCI) to help evaluate and shape dual-use technologies.
In order to identify the diffusion of dual-use at an early stage, the dissertation first examines the diffusion of dual-use innovations between civilian and military research in expert networks on LinkedIn, as well as on the basis of AI patents in a patent network. The results show low diffusion and tend to confirm existing studies on diffusion in patent networks. In the following section, the regulation of dual-use technologies is examined in the paper through two case studies. The first study uses a discourse analysis to show the value conflicts with regard to the regulation of autonomous weapons systems using the concept of Meaningful Human Control (MHC), while a second study, as a long-term comparative case study, analyzes the change and consequences of the regulation of strong cryptography in the U.S. as well as the programs of intelligence agencies for mass surveillance. Both cases point to the central role of private companies, both in the production of AWS and as intermediaries for the dissemination of encryption, as well as surveillance intermediaries. Subsequently, the dissertation examines the design of a dual-use technology using an Open Source Intelligence System (OSINT) for cybersecurity. For this purpose, conceptual, empirical, and technical studies are conducted as part of the Value-Sensitive Design (VSD) framework. During the studies, implications for research on and design of OSINT were identified. For example, the representative survey of the German population has shown that transparency of use while reducing mistrust is associated with higher acceptance of such systems. Additionally, it has been shown that data sparsity through the use of expert networks has many positive effects, not only improving the performance of the system, but is also preferable for legal and social reasons. Thus, the work contributes to the understanding of specific dual-use risks of AI, the regulation of AWS and cryptography, and the design of OSINT in cybersecurity. By combining concepts from CSS and participatory design methods in HCI, this work provides an interdisciplinary and multi-method contribution.},
publisher = {Springer Vieweg},
author = {Riebe, Thea},
year = {2023},
note = {https://doi.org/10.1007/978-3-658-41667-6},
keywords = {HCI, Projekt-KontiKat, Peace, Projekt-DualUse, Projekt-CYWARN, Dissertation},
}

@book{gottsche_conference_2022,
address = {Aachen},
title = {Conference {Proceedings} : {Science}, {Peace}, {Security} '21 : {The} {Impact} of new {Technologies}: {Destabilizing} or {Enabling} {Resilience}? : 8-10 {September} 2021},
url = {https://peasec.de/paper/2022/2022_Goettscheetal_ProceedingsSciencePeaceSecurity21ImpactOfNewTechnologies.pdf},
abstract = {The impact of the rapid technological change on peace and security continuously grows and becomes increasingly complex. Against the background of a quickly deteriorating security environment, the international conference SCIENCE · PEACE · SECURITY ’21 (RWTH Aachen University, 8-10 September 2021) examined the role of emerging technologies. The 60 speakers and 220 participants came from the natural, technical and social sciences. Diplomats and representatives from international organisations participated in the discussions. Topics included nuclear, chemical and biological arms control, autonomy in weapon systems, cybersecurity and the militarization of space among others.
The main outcome was that all of these issues could be more effectively addressed by new approaches to rigorous interdisciplinary research collaboration to create policy-relevant knowledge and by tightening the nexus between the scientist and policy communities. Both can only be achieved and sustained by funding novel structures that enable scientific-technical scholars to engage on these topics.
Key problems to be addressed by integrating natural, technical and social science perspectives include early risk assessment of potential dual-use research and technologies – especially in bio-security and epidemiology as well as IT and robotic research. Ways forward are the inclusion of norms into technology design as well as addressing questions of responsibility and standards. For military-usable technologies, entirely new regulatory approaches are necessary to prevent escalatory dynamics and to maintain accountability structures, moving from object-based to behaviour-based approaches.
Scientific-technical research contributes to peace and security in positive ways. A prominent example are nuclear verification techniques. While instruments to monitor nonproliferation and test ban commitments benefit from further improvement, many gaps on how to verify future arms control and disarmament agreements still exist and must be urgently closed.
The best cutting-edge scientific and academic expertise that is required for these complex research tasks is found in universities and other independent research institutes. Typically, however, decisionmakers draw knowledge from governmental institutions because of ease and existing connections. Therefore, efforts should be made to better connect the policy and academic communities. Communication between both can be improved by meeting on a regular basis and not only when advice on a specific issue is sought. This can foster more stable relationships and increase an understanding of each other.
Lastly, opportunities should be improved for the younger generation of scientists and technologists to engage with policymakers. It is crucial to educate and engage early-on the next generation of scientifically-literate policymakers and security-aware scientists.},
publisher = {RWTH Aachen University},
author = {Göttsche, Malte and Bauer, Sibylle and Dahlmann, Anja and Frieß, Friederike and Lentzos, Filippa and Neuneck, Götz and Niemeyer, Irmgard and Riebe, Thea and Silomon, Jantje and Reuter, Christian and Brochhaus, Jakob and Rademacher, Lukas},
year = {2022},
doi = {10.18154/RWTH-2022-02256},
keywords = {Peace},
}

@article{reuter_zur_2022,
title = {Zur {Schnittmenge} von {Informatik} mit {Friedens}- und {Sicherheitsforschung}: {Erfahrungen} aus der interdisziplinären {Lehre} in der {Friedensinformatik}},
volume = {11},
issn = {2524-6976},
url = {https://link.springer.com/content/pdf/10.1007/s42597-022-00078-4.pdf},
doi = {10.1007/s42597-022-00078-4},
abstract = {Interdisziplinäre Forschung und Lehre zwischen Informatik sowie Friedens- und Sicherheitsforschung ist vor dem Hintergrund, dass Konflikte im Cyberspace nicht mehr eine in der Zukunft liegende Fiktion, sondern eine realitätsnahe Möglichkeit darstellen, unabdingbar. Auch wenn zahlreiche etablierte Lehrveranstaltungen und Lehrbücher in der einen oder anderen Disziplin existieren, gilt dies nicht für deren Schnittmenge. Dieser Beitrag reflektiert die Einführung der in Bezug auf Thematik und Hörer*innenschaft interdisziplinären Lehrveranstaltung „Informationstechnologie für Frieden und Sicherheit“ für Studierende der Informatik, IT-Sicherheit und Wirtschaftsinformatik der Technischen Universität Darmstadt, sowie Friedens- und Konfliktforschung der TU Darmstadt in Kooperation mit der Goethe-Universität Frankfurt. Hierbei werden Herausforderungen und Lösungsansätze der interdisziplinären Lehre dargestellt und die Bedeutung dieser Lehre hervorgehoben.},
number = {2},
journal = {Zeitschrift für Friedens- und Konfliktforschung (ZeFKo)},
author = {Reuter, Christian and Riebe, Thea and Haunschild, Jasmin and Reinhold, Thomas and Schmid, Stefka},
month = oct,
year = {2022},
keywords = {Security, Peace},
pages = {129--140},
}

@article{riebe_us_2022,
title = {U.{S}. {Security} {Policy}: {The} {Dual}-{Use} {Regulation} of {Cryptography} and its {Effects} on {Surveillance}},
url = {https://link.springer.com/content/pdf/10.1007/s41125-022-00080-0.pdf},
doi = {10.1007/s41125-022-00080-0},
abstract = {Cryptography has become ubiquitous in communication technology and is considered a necessary part of information security. However, both the regulation to restrict access to cryptography, as well as practices to weaken or break encryption, are part of the States’ security policies. The United States (U.S.) regulate cryptography for export in international trade as a dual-use good. However, the regulation has been increasingly loosened and transferred to bilateral agreements with Information and Communication Technology companies. At the same time, the National Security Agency attempted to implement a government encryption standard to guarantee itself easier access to data, thus progressively expanding surveillance on non-U.S. citizens. In this paper, using comparative policy analysis, we examine the evolution of both security policies by tracing the historical development of U.S. regulation of cryptography as a dual-use good, and surveillance technologies, and practices used from the 1990s to today. We conclude that the impact of the dual-use regulation has affected the efficiency of surveillance technology, by loosening regulations only for mass communication services, thereby supporting the proliferation of surveillance intermediaries, while working on strategies to collaborate and exploit their coverage.},
journal = {European Journal for Security Research (EJSR)},
author = {Riebe, Thea and Kuehn, Philipp and Imperatori, Philipp and Reuter, Christian},
year = {2022},
keywords = {Student, Security, Projekt-KontiKat, Projekt-CYWARN},
}

@article{schmid_dual-use_2022,
title = {Dual-{Use} and {Trustworthy}? {A} {Mixed} {Methods} {Analysis} of {AI} {Diffusion} between {Civilian} and {Defense} {R}\&{D}},
volume = {28},
url = {https://peasec.de/paper/2022/2022_SchmidRiebeReuter_DualUseandTrustworthy_ScienceEngineeringEthics.pdf},
doi = {10.1007/s11948-022-00364-7},
abstract = {Artificial Intelligence (AI) seems to be impacting all industry sectors, while becoming a motor for innovation. The diffusion of AI from the civilian sector to the defense sector, and AI’s dual-use potential has drawn attention from security and ethics scholars. With the publication of the ethical guideline Trustworthy AI by the European Union (EU), normative questions on the application of AI have been further evaluated. In order to draw conclusions on Trustworthy AI as a point of reference for responsible research and development (R\&D), we approach the diffusion of AI across both civilian and military spheres in the EU. We capture the extent of technological diffusion and derive European and German patent citation networks. Both networks indicate a low degree of diffusion of AI between civilian and defense sectors. A qualitative investigation of project descriptions of a research institute’s work in both civilian and military fields shows that military AI applications stress accuracy or robustness, while civilian AI reflects a focus on human-centric values. Our work represents a first approach by linking processes of technology diffusion with normative evaluations of R\&D.},
number = {12},
journal = {Science and Engineering Ethics},
author = {Schmid, Stefka and Riebe, Thea and Reuter, Christian},
year = {2022},
keywords = {A-Paper, Ranking-ImpactFactor, Projekt-KontiKat, Peace, AuswahlPeace, Projekt-CYWARN},
pages = {1--23},
}

@inproceedings{kaufhold_cywarn_2021,
address = {Bonn},
series = {Mensch und {Computer} 2021 - {Workshopband}},
title = {{CYWARN}: {Strategy} and {Technology} {Development} for {Cross}-{Platform} {Cyber} {Situational} {Awareness} and {Actor}-{Specific} {Cyber} {Threat} {Communication}},
url = {https://dl.gi.de/server/api/core/bitstreams/8f470f6b-5050-4fb9-b923-d08cf84c17b7/content},
doi = {10.18420/muc2021-mci-ws08-263},
abstract = {Despite the merits of digitisation in private and professional spaces, critical infrastructures and societies are increasingly ex-posed to cyberattacks. Thus, Computer Emergency Response Teams (CERTs) are deployed in many countries and organisations to enhance the preventive and reactive capabilities against cyberattacks. However, their tasks are getting more complex by the increasing amount and varying quality of information dissem-inated into public channels. Adopting the perspectives of Crisis Informatics and safety-critical Human-Computer Interaction (HCI) and based on both a narrative literature review and group discussions, this paper first outlines the research agenda of the CYWARN project, which seeks to design strategies and technolo-gies for cross-platform cyber situational awareness and actor-spe-cific cyber threat communication. Second, it identifies and elabo-rates eight research challenges with regard to the monitoring, analysis and communication of cyber threats in CERTs, which serve as a starting point for in-depth research within the project.},
booktitle = {Mensch und {Computer} - {Workshopband}},
publisher = {Gesellschaft für Informatik},
author = {Kaufhold, Marc-André and Fromm, Jennifer and Riebe, Thea and Mirbabaie, Milad and Kuehn, Philipp and Basyurt, Ali Sercan and Bayer, Markus and Stöttinger, Marc and Eyilmez, Kaan and Möller, Reinhard and Fuchß, Christoph and Stieglitz, Stefan and Reuter, Christian},
year = {2021},
keywords = {Security, Projekt-CYWARN},
}

@techreport{riebe_linkedin_2021,
address = {Wissenschaft \& Frieden},
title = {{LinkedIn} als {Barometer}: {Austausch} zwischen ziviler und militärischer {F}\&{E}},
url = {https://peasec.de/paper/2021/2021_RiebeSchmidReuter_LinkedInalsBarometer_WuF.pdf},
abstract = {Gibt es Wissenstransfers zwischen militärischer und ziviler Forschung? Wenn ja, in welchem Umfang? Um die Art und Weise zu untersuchen, wie Unternehmen durch sogenannte »Spillover«-Effekte von den Aktivitäten in den Bereichen »Forschung und Entwicklung« (F\&E) eines anderen Unternehmens profi tieren, existieren bereits Methoden, die die Mobilität von Arbeitskräften als Initiator von Wissenstransfers untersuchen. Dieser Beitrag stellt einen ergänzenden Ansatz vor, der auf »Social Media Analytics« (SMA) beruht. Er soll helfen, die »Spillover«-Eff ekte vom Verteidigungsbereich in die zivile F\&E quantifi zieren zu können und beruht auf der Analyse von Angaben zum Beschäftigungswechsel aus dem sozialen Netzwerk »LinkedIn«.},
author = {Riebe, Thea and Schmid, Stefka and Reuter, Christian},
year = {2021},
keywords = {Peace, Projekt-DualUse},
}

@article{riebe_measuring_2021,
title = {Measuring {Spillover} {Effects} from {Defense} to {Civilian} {Sectors} – {A} {Quantitative} {Approach} {Using} {LinkedIn}},
volume = {32},
url = {https://peasec.de/paper/2021/2021_RiebeSchmidReuter_SpilloverEffectsDefensetoCivilianLinkedIn_PDE.pdf},
doi = {10.1080/10242694.2020.1755787},
abstract = {Spillover effects describe the process of a company benefiting from the R\&D activities of another one and thereby gaining an economic advantage. One prominent approach for measuring spillover effects is based on the analysis of patent citation networks. Taking social media analytics and knowledge economics into account, this paper presents a complementary approach to quantify spillover effects from defense to civilian research and development, analyzing 513 employment biographies from the social network LinkedIn. Using descriptive network analysis, we investigate the emigration of personnel of the German defense industry to other civilian producers. Thereby, our study reveals that in the last decade, employees of defense suppliers have changed positions significantly less often, with 3.24 changes on average than professionals who have worked more than 50\% of their jobs in the civilian sector, having changed 4.61 times on average. Our work illustrates the churn behavior and how spillover effects between defense and civilian sectors can be measured using social career networks such as LinkedIn.},
number = {7},
journal = {Defence and Peace Economics},
author = {Riebe, Thea and Schmid, Stefka and Reuter, Christian},
year = {2021},
keywords = {Selected, A-Paper, Ranking-ImpactFactor, Peace, Projekt-DualUse, AuswahlPeace, Cyberwar, Projekt-ATHENE-SecUrban},
pages = {773--785},
}

@article{riebe_impact_2021,
title = {The {Impact} of {Organizational} {Structure} and {Technology} {Use} on {Collaborative} {Practices} in {Computer} {Emergency} {Response} {Teams}: {An} {Empirical} {Study}},
volume = {5},
url = {https://www.peasec.de/paper/2021/2021_RiebeKaufholdReuter_ComputerEmegencyResponseTeams_CSCW.pdf},
doi = {10.1145/3479865},
abstract = {Besides the merits of increasing digitization and interconnectedness in private and professional spaces, critical infrastructures and societies are more and more exposed to cyberattacks. In order to enhance the preventative and reactive capabilities against cyberattacks, Computer Emergency Response Teams (CERTs) are deployed in many countries and organizations. In Germany, CERTs in the public sector operate on federal and state level to provide information security services for authorities, citizens, and enterprises. Their tasks of monitoring, analyzing, and communicating threats and incidents is getting more complex due to the increasing amount of information disseminated into public channels. By adopting the perspectives of Computer-Supported Cooperative Work (CSCW) and Crisis Informatics, we contribute to the study of organizational structures, technology use, and the impact on collaborative practices in and between state CERTs with empirical research based on expert interviews with representatives of German state CERTs (N=15) and supplementary document analyses (N=25). We derive design and policy implications from our findings, including the need for interoperable and modular architecture, a shift towards service level agreements, cross-platform monitoring and analysis of incident data, use of deduplication techniques and standardized threat exchange formats, a reduction of resource costs through process automation, and transparent reporting and tool structures for information exchange.},
number = {CSCW2},
journal = {Proceedings of the ACM: Human Computer Interaction (PACM): Computer-Supported Cooperative Work and Social Computing},
author = {Riebe, Thea and Kaufhold, Marc-André and Reuter, Christian},
year = {2021},
keywords = {Crisis, UsableSec, Security, A-Paper, Ranking-CORE-A, Projekt-KontiKat, Projekt-ATHENE-SecUrban, Projekt-CYWARN, AuswahlUsableSec, AuswahlKaufhold},
}

@inproceedings{riebe_cysecalert_2021,
title = {{CySecAlert}: {An} {Alert} {Generation} {System} for {Cyber} {Security} {Events} {Using} {Open} {Source} {Intelligence} {Data}},
url = {https://peasec.de/paper/2021/2021_RiebeWirthBayerKuehnKaufholdKnautheGutheReuter_CySecAlertOpenSourceIntelligence_ICICS.pdf},
doi = {10.1007/978-3-030-86890-1_24},
abstract = {Receiving relevant information on possible cyber threats, attacks, and data breaches in a timely manner is crucial for early response. The social media platform Twitter hosts an active cyber security community. Their activities are often monitored manually by security experts, such as Computer Emergency Response Teams (CERTs). We thus propose a Twitter-based alert generation system that issues alerts to a system operator as soon as new relevant cyber security related topics emerge. Thereby, our system allows us to monitor user accounts with significantly less workload. Our system applies a supervised classifier, based on active learning, that detects tweets containing relevant information. The results indicate that uncertainty sampling can reduce the amount of manual relevance classification effort and enhance the classifier performance substantially compared to random sampling. Our approach reduces the number of accounts and tweets that are needed for the classifier training, thus making the tool easily and rapidly adaptable to the specific context while also supporting data minimization for Open Source Intelligence (OSINT). Relevant tweets are clustered by a greedy stream clustering algorithm in order to identify significant events. The proposed system is able to work near real-time within the required 15-minutes time frame and detects up to 93.8\% of relevant events with a false alert rate of 14.81\%.},
booktitle = {Information and {Communications} {Security} ({ICICS})},
author = {Riebe, Thea and Wirth, Tristan and Bayer, Markus and Kuehn, Philipp and Kaufhold, Marc-André and Knauthe, Volker and Guthe, Stefan and Reuter, Christian},
year = {2021},
keywords = {Student, UsableSec, Security, Ranking-CORE-B, Projekt-ATHENE-SecUrban, Projekt-CYWARN},
pages = {429--446},
}

@techreport{riebe_neue_2021,
address = {Wissenschaft und Frieden},
title = {Neue {Technologien} und {Resilienz}},
url = {https://peasec.de/paper/2021/2021_RiebeReuter_NeueTechnologienResilienz.pdf},
abstract = {Die Science · Peace · Security ’21 (SPS21) Konferenz fand in diesem Jahr virtuell statt. Ausgerichtet wurde sie durch Prof. Malte Göttsche, Leiter der Forschungsgruppe »Nukleare Verifikation und Abrüstung« an der RWTH Aachen mit Unterstützung eines international besetzten Programmkomitees. Die Konferenz brachte Wissenschaftler*innen aus vielen Disziplinen und aus aller Welt, Diplomat*innen sowie Mitglieder der Bundeswehr zusammen, um über aktuelle Fragen der Rüstungskontrolle und Abrüstung unter dem diesjährigen Motto »The Impact of New Technologies: Destabilizing or Enabling Resilience?« zu diskutieren.},
author = {Riebe, Thea and Reuter, Christian},
year = {2021},
keywords = {Peace},
}

@article{imperatori_verschlusselungspolitik_2020,
title = {Verschlüsselungspolitik der {USA}: {Vom} {Clipper}-{Chip} zu {Edward} {Snowden}},
volume = {37},
url = {https://tuprints.ulb.tu-darmstadt.de/20060/1/fk-1-20-p77.pdf},
journal = {FIfF-Kommunikation},
author = {Imperatori, Philipp and Riebe, Thea and Reuter, Christian},
year = {2020},
keywords = {Student, Security, Peace, Projekt-DualUse, Projekt-CROSSING},
pages = {77--80},
}

@article{kuehn_sharing_2020,
title = {Sharing of {Cyber} {Threat} {Intelligence} between {States}},
volume = {38},
url = {http://www.peasec.de/paper/2020/2020_KuehnRiebeApeltJansenReuter_SharingCyberThreatIntelligence_SF.pdf},
doi = {10.5771/0175-274X-2020-1-22},
abstract = {Threats in cyberspace have increased in recent years due to the increment of offensive capabilities by states. Approaches to mitigate the security dilemma in cyberspace within the UN are deadlocked, as states have not been able to achieve agreements. However, from the perspective of IT-Security, there are Cyber Threat Intelligence (CTI) platforms to share and analyze cyber threats for a collective crisis management. To investigate, whether or not CTI platforms can be used as a confidence-building measure between states and international organizations, we portray current CTI platforms, showcase political requirements, and answer the question of how CTI communication may contribute to confidence-building in international affairs. Our results suggest the need to further develop analytical capabilities, as well as the implementation of a broad social, political, and legal environment for international CTI sharing.},
number = {1},
journal = {S+F Sicherheit und Frieden / Peace and Security},
author = {Kuehn, Philipp and Riebe, Thea and Apelt, Lynn and Jansen, Max and Reuter, Christian},
year = {2020},
keywords = {Student, Security, Peace, Projekt-DualUse, Cyberwar, Projekt-ATHENE-SecUrban, Projekt-CYWARN},
pages = {22--28},
}

@article{riebe_veranderung_2020,
title = {Die {Veränderung} der {Vorratsdatenspeicherung} in {Europa}},
volume = {44},
url = {https://www.peasec.de/paper/2020/2020_Riebeetal_VDSinEuropa_DuD.pdf},
doi = {10.1007/s11623-020-1275-3},
abstract = {Die Diskussion um die Vorratsdatenspeicherung ist europaweit weiterhin relevant, da es keine einheitliche Gesetzgebung der EU-Mitgliedsstaaten gibt. So werden in einigen EU-Staaten weiterhin Vorratsdaten gespeichert, obwohl der EuGH die Vorratsdatenspeicherung für teilweise rechtswidrig erklärt hat. Dabei unterscheiden sich die Speicherdauer, die erhobenen Daten und die Rechte der Behörden erheblich. Der Beitrag vergleicht den Umgang mit der Vorratsdatenspeicherung in zehn EU- und Schengen-Staaten im Hinblick auf Einführung und Aussetzung, Speicherdauer, Speicherinhalte und Zugriffsrechte.},
number = {5},
journal = {Datenschutz und Datensicherheit - DuD},
author = {Riebe, Thea and Haunschild, Jasmin and Divo, Felix and Lang, Matthias and Roitburd, Gerbert and Franken, Jonas and Reuter, Christian},
year = {2020},
keywords = {Student, Security, Projekt-KontiKat, Peace, Projekt-DualUse, Projekt-ATHENE-SecUrban},
pages = {316--321},
}

@article{riebe_meaningful_2020,
title = {Meaningful {Human} {Control} of {Lethal} {Autonomous} {Weapon} {Systems}: {The} {CCW}-{Debate} and its {Implications} for {Value}-{Sensitive} {Design}},
volume = {39},
url = {https://peasec.de/paper/2020/2020_RiebeSchmidReuter_MHC_IEEETechScieMag.pdf},
doi = {10.1109/MTS.2020.3031846},
abstract = {The debate on the development and deployment of lethal autonomous weapon systems (LAWS) as an emerging technology is of increasing importance, with discussions stalling and technological development progressing. Monitoring the progress of increasingly autonomous weapons systems in civilian and military use as well as regulating possible autonomous systems early on is demanded by civil society actors, like the Campaign to Stop Killer Robots and the International Committee of the Red Cross (ICRC), while nation states follow a variety of interests and strategies, showing little room for consensus on central terms and questions [2], [3]. This article therefore sheds light on the work of the Group of Governmental Experts (GGE) of the UN Convention of Certain Conventional Weapons (CCW). The CCW, offering an arena for international cooperation, has dedicated itself to the purpose of finding common ground with respect to an understanding of LAWS, as well as to the necessary degree of human control. From an ethical perspective, the concept of Meaningful Human Control (MHC) supports a human-centric approach. Several IEEE projects, series and publications are dedicated to this prioritization, especially regarding civilian use. As autonomous technology is increasingly at the center of contemporary military innovations, questions of (human) agency and responsibility in warfare have become even more pressing. As stressed by the United Nations Institute for Disarmament Research (UNIDIR), the concept of MHC may prove useful in the context of development and use of (semi-) autonomous weaponry.},
number = {4},
journal = {IEEE Technology and Society Magazine},
author = {Riebe, Thea and Schmid, Stefka and Reuter, Christian},
year = {2020},
keywords = {A-Paper, Ranking-ImpactFactor, Projekt-KontiKat, Peace, Projekt-DualUse, AuswahlPeace, Cyberwar},
pages = {36--51},
}

@techreport{riebe_umgang_2020,
title = {Umgang mit {Killerrobotern}},
url = {https://peasec.de/paper/2020/2020_Riebe_UmgangmitKillerbotobern_WF.pdf},
author = {Riebe, Thea},
year = {2020},
keywords = {Peace, Projekt-DualUse},
}

@inproceedings{kaufhold_sentinet_2019,
address = {Hamburg, Germany},
title = {{SentiNet}: {Twitter}-basierter {Ansatz} zur kombinierten {Netzwerk}- und {Stimmungsanalyse} in {Katastrophenlagen}},
url = {https://dl.gi.de/bitstream/handle/20.500.12116/25149/133-04.pdf},
doi = {10.18420/muc2019-ws-133-04},
abstract = {Das Forschungsfeld Social Media Analytics untersucht Methoden zur Analyse sozialer Medien nicht nur für Bürger und Unternehmen, sondern auch für Einsatzkräfte in Notsituationen. Zur Unterstützung des Situationsbewusstseins in derartigen Lagen werden unter anderem soziale Netzwerkanalysen angewandt, um Handlungen und die Vernetzung von Helfern nachzuvollziehen, sowie Stimmungsanalysen, um Emotionen der nutzergenerierten Inhalte zu extrahieren. Unsere Literaturstudie zeigt allerdings, dass keine technischen Ansätze existieren, die Netzwerk- und Stimmungsanalysen kombinieren. Dieser Beitrag stellt das Design und die Implementierung einer solchen Web- Anwendung auf Basis von Twitter vor, um anschließend Potenziale und Herausforderungen für die Evaluation und Weiterentwicklung des Ansatzes zu diskutieren.},
booktitle = {Mensch und {Computer} - {Workshopband}},
publisher = {Gesellschaft für Informatik e.V.},
author = {Kaufhold, Marc-André and Schmidt, Arne and Seifert, Fabienne and Riebe, Thea and Reuter, Christian},
year = {2019},
keywords = {Crisis, SocialMedia, Projekt-KontiKat},
pages = {297--308},
}

@incollection{reuter_future_2019,
address = {Wiesbaden, Germany},
title = {The {Future} of {IT} in {Peace} and {Security}},
isbn = {978-3-658-25652-4},
url = {https://www.springer.com/de/book/9783658256517},
abstract = {Not only today, but also in the future information technology and the advances in the field of computer science will have a high relevance for peace and security. Naturally, a textbook like this can only cover a selective part of research and a certain point in time. Nonetheless, it can be attempted to identify trends, challenges and venture an outlook into the future. That is exactly what we want to achieve in this chapter: To predict fu-ture developments and try to classify them correctly. These considerations were made both by the editor and the authors involved alike. Therefore, an outlook based on fun-damentals, cyber conflicts and war, cyber peace, cyber arms control, infrastructures as well as social interaction is given.},
booktitle = {Information {Technology} for {Peace} and {Security} - {IT} {Applications} and {Infrastructures} in {Conflicts}, {Crises}, {War}, and {Peace}},
publisher = {Springer Vieweg},
author = {Reuter, Christian and Aal, Konstantin and Aldehoff, Larissa and Altmann, Jürgen and Buchmann, Johannes and Bernhardt, Ute and Denker, Kai and Herrmann, Dominik and Hollick, Matthias and Katzenbeisser, Stefan and Kaufhold, Marc-André and Nordmann, Alfred and Reinhold, Thomas and Riebe, Thea and Ripper, Annette and Ruhmann, Ingo and Saalbach, Klaus-Peter and Schörnig, Niklas and Sunyaev, Ali and Wulf, Volker},
editor = {Reuter, Christian},
year = {2019},
doi = {10.1007/978-3-658-25652-4_19},
keywords = {HCI, UsableSec, Security, Peace, Projekt-CRISP, Projekt-CROSSING},
pages = {405--413},
}

@incollection{reuter_it_2019,
address = {Wiesbaden, Germany},
title = {{IT} in {Peace}, {Conflict}, and {Security} {Research}},
isbn = {978-3-658-25652-4},
url = {https://www.springer.com/de/book/9783658256517},
abstract = {Advances in science and technology play a crucial role in the context of peace, conflict and security. As information technology (IT) is becoming omnipresent, this includes both the resilience of IT infrastructures e.g. as a target in cases of conflict and the role of IT applications to prevent and manage conflicts, crises and disasters. This chapter is an introduction to IT and its role in war and peace, in conflicts and crises as well as in safety and security. Based on those connections a new field of research has emerged: IT peace research. It is introduced in this chapter which provides an overview of the inter-disciplinary concepts of peace, conflict and security. In addition, the research disciplines computer science and peace and conflict studies as the basis of IT peace research are explained. Moreover, the chapter focuses on the specific research topics of IT peace research and presents the institutionalised research landscape in Germany.},
booktitle = {Information {Technology} for {Peace} and {Security} - {IT} {Applications} and {Infrastructures} in {Conflicts}, {Crises}, {War}, and {Peace}},
publisher = {Springer Vieweg},
author = {Reuter, Christian and Aldehoff, Larissa and Riebe, Thea and Kaufhold, Marc-André},
editor = {Reuter, Christian},
year = {2019},
doi = {10.1007/978-3-658-25652-4_2},
keywords = {HCI, Security, Peace, Infrastructure, Projekt-CRISP},
pages = {11--37},
}

@incollection{reuter_cyberwar_2019,
title = {Cyberwar zwischen {Fiktion} und {Realität} – technologische {Möglichkeiten}},
isbn = {978-3-658-27713-0},
url = {https://peasec.de/paper/2019/2019_ReuterRiebeAldehoffKaufholdReinhold2019_CyberwarZwischenFiktionUndReal_Cyberwar.pdf},
abstract = {Im Dezember 2017 wurde eine Invasion des deutschen Regierungsnetzwerks entdeckt; dieses vernetzt Bundesministerien und Behörden (vgl. Reinhold 2018a). Die Angreifer nutzten das Intranet der Hochschule des Bundes für öffentliche Verwaltung und der Bundesakademie für öffentliche Verwaltung als Einfallstor. Dieses ist der am wenigsten gesicherte Teil des Systems, da externe Teilnehmerinnen und Teilnehmer auch außerhalb der Einrichtung darauf zugreifen müssen, beispielsweise für Fortbildungen des Auswärtigen Amtes.},
booktitle = {Cyberwar – die {Digitalisierung} der {Kriegsführung}},
publisher = {Springer VS},
author = {Reuter, Christian and Riebe, Thea and Aldehoff, Larissa and Kaufhold, Marc-André and Reinhold, Thomas},
editor = {Werkner, Ines-Jacqueline and Schörnig, Niklas},
year = {2019},
doi = {10.1007/978-3-658-27713-0},
keywords = {Security, Peace, Projekt-DualUse, Cyberwar},
pages = {15--38},
}

@inproceedings{riebe_werte_2019,
address = {Hamburg, Germany},
title = {Werte und {Wertekonflikte} in sozialen {Medien} für die {Vernetzung} ungebundener {Helfer} in {Krisensituationen} – {Ein} {Value}-{Sensitive} {Design} {Ansatz}},
url = {https://dl.gi.de/bitstream/handle/20.500.12116/25150/133-05.pdf},
doi = {10.18420/muc2019-ws-133-05},
abstract = {Bereits während des Hochwassers in Mitteleuropa 2013 und der Flüchtlingskrise in Europa ab 2015 wurde deutlich, dass freiwillige HelferInnen die Bewältigung von Krisensituationen unterstützen. Durch die vermehrte Koordination der Helfenden, auch unter Ein- satz sozialer Medien, kommt es zunehmend zu Konflikten zwi- schen den teilweise kollidierenden Erwartungshaltungen periodi- sierter Werte der eingebundenen Akteure. Die Entwicklung von Kollaborationswerkzeugen mit Hilfe der Methode des Value-Sen- sitive Designs kann bereits im Vorfeld solche Konflikte aufzeigen und gezielt verhindern oder moderieren. Dazu wurde in einer Fall- studie anhand des Hochwassers 2013 induktiv abgeleitet, welche Werte und Erwartungen die unterschiedlichen Stakeholder haben, und welche Konflikte sich daraus im Hinblick auf die Anforderun- gen ergeben. Diese Studie zeigt insbesondere die Konfliktpotenzi- ale für freiwillige HelferInnen in sozialen Medien in Bezug auf den Schutz der Privatsphäre und vor Diskriminierung auf und leistet damit einen Beitrag für die Konflikt-Optimierung und Akzeptanz- steigerung des Einsatzes sozialer Medien im Katastrophenschutz.},
booktitle = {Mensch und {Computer} - {Workshopband}},
publisher = {Gesellschaft für Informatik e.V.},
author = {Riebe, Thea and Langer, Amanda and Kaufhold, Marc-André and Kretschmer, Nina Katharina and Reuter, Christian},
year = {2019},
keywords = {Crisis, SocialMedia, Student, Security, Projekt-KontiKat, Peace, Projekt-DualUse},
pages = {308--318},
}

@inproceedings{riebe_threat_2019,
address = {Darmstadt, Germany},
title = {Threat {Intelligence} {Application} for {Cyber} {Attribution}},
url = {https://tuprints.ulb.tu-darmstadt.de/id/eprint/9164},
abstract = {Attribution consists of technical, legal and politically defined processes. However, the interna- tional community has not yet defined processes unilaterally, even though the UN GGE has proposed to address the increase of cyber operations. Taking existing threat exchange stand- ards into account, this paper presents an approach to support efforts for more effective attrib- ution by developing a platform with the common open source threat exchange formats STIX and MEAC. Furthermore, the platform is evaluated in terms of usability.},
booktitle = {{SCIENCE} {PEACE} {SECURITY} '19 - {Proceedings} of the {Interdisciplinary} {Conference} on {Technical} {Peace} and {Security} {Research}},
publisher = {TUprints},
author = {Riebe, Thea and Kaufhold, Marc-André and Kumar, Tarun and Reinhold, Thomas and Reuter, Christian},
editor = {Reuter, Christian and Altmann, Jürgen and Göttsche, Malte and Himmel, Mirko},
year = {2019},
keywords = {Student, Security, Peace, Projekt-DualUse},
pages = {56--60},
}

@incollection{riebe_dual_2019,
address = {Wiesbaden, Germany},
title = {Dual {Use} and {Dilemmas} for {Cybersecurity}, {Peace} and {Technology} {Assessment}},
isbn = {978-3-658-25652-4},
url = {https://link.springer.com/chapter/10.1007/978-3-658-25652-4_8},
abstract = {Dual-use in information technology is a pressing issue: how can we prevent, control or manage the risk of a harmful application of IT? How can dual-use awareness and regu-lation help to mitigate the risks to peace and security on the national and international level? As the cyberspace has been declared a military domain, IT is of increasing im-portance for civil and military infrastructures. How can researchers, developers and decision makers make sure that IT is not misused to cause harm? For nuclear, biological and chemical technologies this has been discussed as the dual-use problem. This chapter illustrates the approaches towards different dual-use concepts, how to conduct a tech-nology assessment and provides insight into the implementation of dual-use assessment guidelines at TU Darmstadt, the so-called Civil Clause.},
booktitle = {Information {Technology} for {Peace} and {Security} - {IT} {Applications} and {Infrastructures} in {Conflicts}, {Crises}, {War}, and {Peace}},
publisher = {Springer Vieweg},
author = {Riebe, Thea and Reuter, Christian},
editor = {Reuter, Christian},
year = {2019},
doi = {10.1007/978-3-658-25652-4_8},
keywords = {Projekt-KontiKat, Peace, Projekt-CRISP, Projekt-DualUse},
pages = {165--184},
}

@techreport{riebe_dual-use_2019,
address = {Wissenschaft \& Frieden 2019-1},
title = {Dual-{Use} in der {IT}: {Bewertung} in der {Softwareentwicklung}},
url = {http://www.peasec.de/paper/2019/2019_RiebeReuter_DualUse_WuF.pdf},
abstract = {Der Einsatz von Informationstechnologie (IT) im Frieden ebenso wie in Konflikten und für Sicherheitszwecke wirft einige Fragen auf (Reuter 2019), u.a. ob die Nutzung von IT auf so genannte förderliche Zwecke und Anwendungen begrenzt und eine schädliche Nutzung verhindert werden kann (Riebe und Reuter 2019). Diese Ambivalenz wird als Dual-use-Dilemma bezeichnet und bedeutet, dass Gegenstände, Wissen und Technologie sowohl nützliche als auch schädliche Anwendung fi nden können. Dual-use-Fragen stellen sich in ganz unterschiedlichen technischen und naturwissenschaftlichen Disziplinen, insbesondere in der Nukleartechnologie sowie in der Chemie und Biologie. Dabei unterscheidet sich die Bedeutung von Dual-use je nach Technologie, ihren spezifi schen Risiken und Szenarien sowie ihrer Distribution und Anwendung. Konkret bedeutet dies: Sicherheitspolitische Risikoszenarien und Anwender der Nukleartechnologie unterscheiden sich erheblich von denen der IT.},
author = {Riebe, Thea and Reuter, Christian},
year = {2019},
keywords = {Projekt-KontiKat, Peace, Projekt-DualUse},
pages = {46--48},
}

@inproceedings{riebe_accessing_2019,
address = {Darmstadt, Germany},
title = {Accessing {Dual} {Use} in {IT} {Development}},
url = {https://peasec.de/paper/2019/2019_RiebeReuter_AccessingDualUse_ProcSciencePeaceSecurity-TUprints.pdf},
abstract = {The use of information technology (IT) in peace, conflict and security raises some questions, i.e. whether the use of IT can be limited exclusively to so-called advantageous purposes and applications and whether improper use can be prevented. This ambivalence is called a dual- use dilemma, meaning that objects, knowledge and technology can find both useful and harm- ful applications. Dual-use questions have been addressed in various disciplines, in particular in nuclear technology and the production of nuclear weapons, but also in chemistry and biology. In all these disciplines, dual-use topics in technical development and education have been discussed and addressed. Nevertheless, the importance of dual-use differs slightly, depending on the technology and its risks, as well as its distribution and application. Nuclear technology is less accessible than biotechnology, which in turn is less accessible than IT.},
booktitle = {{SCIENCE} {PEACE} {SECURITY} '19 - {Proceedings} of the {Interdisciplinary} {Conference} on {Technical} {Peace} and {Security} {Research}},
publisher = {TUprints},
author = {Riebe, Thea and Reuter, Christian},
year = {2019},
keywords = {Peace, Projekt-DualUse},
pages = {46--49},
}

@incollection{schmid_meaningful_2019,
address = {Darmstadt, Germany},
title = {Meaningful {Human} {Control} of {Lethal} {Autonomous} {Weapon} {Systems}},
url = {https://tuprints.ulb.tu-darmstadt.de/id/eprint/9164},
abstract = {In the discussion of lethal autonomous weapon systems (LAWS) in the expert forum of the Convention on Certain Conventional Weapons (CCW), the interpretation of crucial concepts such as autonomy and human control is decisive for the future direction of international hu- manitarian law. Starting from the perspective of a synthesis of Actor-Network Theory (ANT) and Value-Sensitive-Design (VSD), we aim to analyse the discourse of LAWS and ask for pos- sibilities to implement Meaningful Human Control.},
booktitle = {{SCIENCE} {PEACE} {SECURITY} '19 - {Proceedings} of the {Interdisciplinary} {Conference} on {Technical} {Peace} and {Security} {Research}},
publisher = {TUprints},
author = {Schmid, Stefka and Riebe, Thea and Reuter, Christian},
editor = {Reuter, Christian and Altmann, Jürgen and Göttsche, Malte and Himmel, Mirko},
year = {2019},
keywords = {Student, Security, Peace, Projekt-DualUse},
pages = {196--200},
}

@inproceedings{kaufhold_design_2018,
address = {Dresden, Germany},
title = {Design eines {BCM}-{Dashboards} für kleine und mittlere {Unternehmen}},
url = {https://dl.gi.de/bitstream/handle/20.500.12116/16796/Beitrag_453_final__a.pdf},
abstract = {Business Continuity Management (BCM) ist definiert als ganzheitlicher Managementprozess, der poten-zielle Bedrohungen für Organisationen und die Auswirkungen ermittelt, sowie ein Gerüst zum Aufbau der Belastbarkeit einer Organisation bereitstellt. Bereits existierende Ansätze in der Forschung legen den Fokus allerdings auf große Konzerne, während die Umsetzung eines BCM-Konzepts für kleine und mittlere Unternehmen (KMU) oft an den knappen finanziellen und personellen Ressourcen, aber auch an der Komplexität des BCM scheitert. Um KMU bei der Implementierung eines an deren Bedürfnisse angepasstem BCM-Systems (BCMS) zu unterstützen, gibt es in der Forschung nur wenige Lösungsan-sätze. Dieser Artikel stellt auf Basis einer empirischen Studie, welche Umsetzungsfaktoren für BCM und Anforderungen für BCMS untersucht, das prototypische Design eines BCM-Dashboards vor, welches mit wenig Konfigurationsaufwand möglichst relevante externe und interne Gefahrenquellen in einer kom-pakten Übersicht darzustellen vermag.},
booktitle = {Mensch und {Computer} - {Workshopband}},
publisher = {Gesellschaft für Informatik e.V.},
author = {Kaufhold, Marc-André and Reuter, Christian and Riebe, Thea and von Radziewski, Elmar},
editor = {Dachselt, Raimund and Weber, Gerhard},
year = {2018},
keywords = {Crisis, HCI, Student, Projekt-KontiKat, Infrastructure},
pages = {579--586},
}

@article{kaufhold_business_2018,
title = {Business {Continuity} {Management} in {Micro} {Enterprises}: {Perception}, {Strategies} and {Use} of {ICT}},
volume = {10},
url = {http://www.peasec.de/paper/2018/2018_KaufholdRiebeReuteretal_BusinessContinuityManagementinMicroEnterprises_IJISCRAM.pdf},
doi = {10.4018/IJISCRAM.2018010101},
abstract = {Small and medium-sized enterprises (SMEs) represent 99\% of enterprises in Germany and more than 95\% in the European Union. Given the recent increase of natural disasters and man-made crises and emergencies, it seems an important economic goal to ascertain that SMEs are capable of maintaining their work, revenue and profit at an acceptable level. According to ISO 22301, business continuity management (BCM) is a holistic management process which identifies potential threats and their impact to an organization and serves as a framework to increase organizational resilience and response capabilities. Prior research identified that BCM is under-represented in SMEs and that their security level is partially in an uneconomical range. This article presents the analysis of interviews with 19 independent micro enterprises highlighting findings on their low crisis awareness, varying technical dependency, existing action strategies and communication strategies and proposing a categorization of micro enterprises as preventive technicians, data-intensive chains or pragmatic jumpers.},
number = {1},
journal = {International Journal of Information Systems for Crisis Response and Management (IJISCRAM)},
author = {Kaufhold, Marc-André and Riebe, Thea and Reuter, Christian and Hester, Julian and Jeske, Danny and Knüver, Lisa and Richert, Viktoria},
year = {2018},
keywords = {Cooperation, Crisis, Student, Security, Projekt-KontiKat, Infrastructure, RSF, Projekt-MAKI},
pages = {1--19},
}

@inproceedings{riebe_conspiracies_2018,
address = {Dresden, Germany},
title = {From {Conspiracies} to {Insults}: {A} {Case} {Study} of {Radicalisation} in {Social} {Media} {Discourse}},
url = {https://dl.gi.de/bitstream/handle/20.500.12116/16795/Beitrag_449_final__a.pdf},
abstract = {Online radicalisation is often linked to discourses on social media. In this context, the question arises how populist online discourses radicalise in social media platforms. With a quantitative content analysis of supporters of the German party “Alternative für Deutschland (AfD)” and their contributions on Facebook between March 2014 and May 2017, this preliminary analysis illustrates how the discourse shifts from a dominantly neutral debate to insult-driven and dis-criminatory contributions. It provides insights into the dynamic of political social media dis-courses and shows a tendency of correlating language style and topics that can be further studied in Social Media Analytics.},
booktitle = {Mensch und {Computer} - {Workshopband}},
publisher = {Gesellschaft für Informatik e.V.},
author = {Riebe, Thea and Pätsch, Katja and Kaufhold, Marc-André and Reuter, Christian},
editor = {Dachselt, Raimund and Weber, Gerhard},
year = {2018},
keywords = {Crisis, HCI, SocialMedia, Student, Projekt-KontiKat, Peace, Projekt-CRISP},
pages = {595--603},
}

@techreport{riebe_responsible_2018,
address = {Wissenschaft \& Frieden},
title = {Responsible {Research} and {Innovation}: {Interdisziplinärer} {Workshop} von {IANUS} und {Schader}-{Stiftung}},
url = {http://www.peasec.de/paper/2018/2018_RiebeNordmannReuter_RRI_WuF.pdf},
abstract = {Statt der Forschung ethische, rechtliche, gesellschaftliche Refl exion nur beizuge-sellen, verlangt Responsible Research and Innovation (RRI), dass sich Forschung an europäischen Werten – den Werten der Europäischen Union – orientiert. Um diese Öff nung zu gewährleisten, setzt RRI zunächst nicht auf spezifi sche Werte, sondern prozedural auf eine Forschung, die Folgen antizipiert, unterschiedliche Interessen und Wertvorstellungen inklu-diert, sich selbst refl ektiert und in die Verantwortung nehmen lässt. Doch was heißt das ?},
author = {Riebe, Thea and Nordmann, Alfred and Reuter, Christian},
year = {2018},
keywords = {Projekt-KontiKat, Peace, Projekt-CRISP, Projekt-DualUse},
pages = {60--61},
}