Post-Doktorandin

Kontakt: +49 (0) 6151 / 1620946 | riebe(at)peasec.tu-darmstadt.de

Technische Universität Darmstadt, Fachbereich Informatik,
Wissenschaft und Technik für Frieden und Sicherheit (PEASEC)
Pankratiusstraße 2, 64289 Darmstadt, Raum 116

DE

Dr. Thea Riebe ist Postdoktorandin am Lehrstuhl Wissenschaft und Technik für Frieden und Sicherheit (PEASEC) im Fachbereich Informatik der Technischen Universität Darmstadt. Sie ist Mitarbeiterin im BMBF-Projekt CYWARN (2020-2023, BMBF) zu Entwicklung von Strategien und Technologien zur Analyse und Kommunikation der Sicherheitslage im Cyberraum.

Sie verteidigte ihre interdisziplinäre Dissertation zur Technikfolgenabschätzung von Dual-use Technologien in der Informatik und verbindet Ansätze aus der Technikfolgenabschätzung, Kritischer Sicherheitsforschung und Mensch-Computer Interaktion. Ihre Forschung umfasst über 30 Publikationen im Bereich der Sicherheitsforschung, Technikfolgenabschätzung, Computerunterstützte Gruppenarbeit und Mensch-Computer Interaktion.

Thea Riebe studierte Internationale Studien / Friedens- und Konfliktforschung (M.A.) an der Goethe Universität Frankfurt, der TU Darmstadt und der Université de Lausanne. Zwischen 2017-2021 war sie überdies wissenschaftliche Mitarbeiterin in dem Forschungsprojekt KontiKat (2017-2021, BMBF) am Lehrstuhl Computerunterstützte Gruppenarbeit und Soziale Medien von Prof. Volkmar Pipek an der Universität Siegen.

EN

Dr. Thea Riebe is a postdoctoral researcher at the Chair of Science and Technology for Peace and Security (PEASEC) in the Department of Computer Science at Technical University of Darmstadt (TU Darmstadt). She is a collaborator in the BMBF project CYWARN (2020-2023, BMBF) on the strategy and technology development for cross-platform cyber situational awareness and actor-specific cyber threat communication.

She defended an interdisciplinary PhD on technology assessment of dual-use technologies in computer science, combining approaches from technology assessment, critical security research, and human-computer interaction. Her research includes over 30 publications in the areas of security research, technology assessment, computer-assisted group work, and human-computer interaction.

Thea Riebe studied International Studies / Peace and Conflict Studies (M.A.) at Goethe University Frankfurt, TU Darmstadt and Université de Lausanne. Between 2017-2021, she was simultaneously a research assistant in the research project KontiKat (2017-2021, BMBF) at the Chair of Computer Supported Group Work and Social Media of Prof. Volkmar Pipek at the University of Siegen.

Publikationen

2023

  • Thea Riebe, Julian Bäumler, Marc-André Kaufhold, Christian Reuter (2023)
    Values and Value Conflicts in the Context of OSINT Technologies for Cybersecurity Incident Response: A Value Sensitive Design Perspective
    Computer Supported Cooperative Work: The Journal of Collaborative Computing (JCSCW) .
    [BibTeX]

    @article{riebe_values_2023,
    title = {Values and {Value} {Conflicts} in the {Context} of {OSINT} {Technologies} for {Cybersecurity} {Incident} {Response}: {A} {Value} {Sensitive} {Design} {Perspective}},
    journal = {Computer Supported Cooperative Work: The Journal of Collaborative Computing (JCSCW)},
    author = {Riebe, Thea and Bäumler, Julian and Kaufhold, Marc-André and Reuter, Christian},
    year = {2023},
    keywords = {Projekt-ATHENE-SecUrban, Projekt-CYWARN, Projekt-CROSSING, Security, Student, UsableSec, A-Paper, Ranking-ImpactFactor, Ranking-CORE-B},
    }

  • Thea Riebe (2023)
    Technology Assessment of Dual-Use ICTs – How to assess Diffusion, Governance and Design
    Darmstadt, Germany: Springer Vieweg.
    [BibTeX]

    @book{riebe_technology_2023,
    address = {Darmstadt, Germany},
    title = {Technology {Assessment} of {Dual}-{Use} {ICTs} – {How} to assess {Diffusion}, {Governance} and {Design}},
    publisher = {Springer Vieweg},
    author = {Riebe, Thea},
    year = {2023},
    keywords = {Projekt-CYWARN, Projekt-KontiKat, Peace, Projekt-DualUse},
    }

    2022

  • Stefka Schmid, Thea Riebe, Christian Reuter (2022)
    Dual-Use and Trustworthy? A Mixed Methods Analysis of AI Diffusion between Civilian and Defense R&D
    Science and Engineering Ethics ;28(12):1–23. doi:10.1007/s11948-022-00364-7
    [BibTeX] [Abstract] [Download PDF]

    Artificial Intelligence (AI) seems to be impacting all industry sectors, while becoming a motor for innovation. The diffusion of AI from the civilian sector to the defense sector, and AI’s dual-use potential has drawn attention from security and ethics scholars. With the publication of the ethical guideline Trustworthy AI by the European Union (EU), normative questions on the application of AI have been further evaluated. In order to draw conclusions on Trustworthy AI as a point of reference for responsible research and development (R&D), we approach the diffusion of AI across both civilian and military spheres in the EU. We capture the extent of technological diffusion and derive European and German patent citation networks. Both networks indicate a low degree of diffusion of AI between civilian and defense sectors. A qualitative investigation of project descriptions of a research institute’s work in both civilian and military fields shows that military AI applications stress accuracy or robustness, while civilian AI reflects a focus on human-centric values. Our work represents a first approach by linking processes of technology diffusion with normative evaluations of R&D.

    @article{schmid_dual-use_2022,
    title = {Dual-{Use} and {Trustworthy}? {A} {Mixed} {Methods} {Analysis} of {AI} {Diffusion} between {Civilian} and {Defense} {R}\&{D}},
    volume = {28},
    url = {https://peasec.de/paper/2022/2022_SchmidRiebeReuter_DualUseandTrustworthy_ScienceEngineeringEthics.pdf},
    doi = {10.1007/s11948-022-00364-7},
    abstract = {Artificial Intelligence (AI) seems to be impacting all industry sectors, while becoming a motor for innovation. The diffusion of AI from the civilian sector to the defense sector, and AI’s dual-use potential has drawn attention from security and ethics scholars. With the publication of the ethical guideline Trustworthy AI by the European Union (EU), normative questions on the application of AI have been further evaluated. In order to draw conclusions on Trustworthy AI as a point of reference for responsible research and development (R\&D), we approach the diffusion of AI across both civilian and military spheres in the EU. We capture the extent of technological diffusion and derive European and German patent citation networks. Both networks indicate a low degree of diffusion of AI between civilian and defense sectors. A qualitative investigation of project descriptions of a research institute’s work in both civilian and military fields shows that military AI applications stress accuracy or robustness, while civilian AI reflects a focus on human-centric values. Our work represents a first approach by linking processes of technology diffusion with normative evaluations of R\&D.},
    number = {12},
    journal = {Science and Engineering Ethics},
    author = {Schmid, Stefka and Riebe, Thea and Reuter, Christian},
    year = {2022},
    keywords = {Projekt-ATHENE-SecUrban, A-Paper, Ranking-ImpactFactor, Peace, Projekt-DualUse, AuswahlPeace, Projekt-TraCe},
    pages = {1--23},
    }

  • Thea Riebe, Philipp Kuehn, Philipp Imperatori, Christian Reuter (2022)
    U.S. Security Policy: The Dual-Use Regulation of Cryptography and its Effects on Surveillance
    European Journal for Security Research . doi:10.1007/s41125-022-00080-0
    [BibTeX] [Abstract] [Download PDF]

    Cryptography has become ubiquitous in communication technology and is considered a necessary part of information security. However, both the regulation to restrict access to cryptography, as well as practices to weaken or break encryption, are part of the States’ security policies. The United States (U.S.) regulate cryptography for export in international trade as a dual-use good. However, the regulation has been increasingly loosened and transferred to bilateral agreements with Information and Communication Technology companies. At the same time, the National Security Agency attempted to implement a government encryption standard to guarantee itself easier access to data, thus progressively expanding surveillance on non-U.S. citizens. In this paper, using comparative policy analysis, we examine the evolution of both security policies by tracing the historical development of U.S. regulation of cryptography as a dual-use good, and surveillance technologies, and practices used from the 1990s to today. We conclude that the impact of the dual-use regulation has affected the efficiency of surveillance technology, by loosening regulations only for mass communication services, thereby supporting the proliferation of surveillance intermediaries, while working on strategies to collaborate and exploit their coverage.

    @article{riebe_us_2022,
    title = {U.{S}. {Security} {Policy}: {The} {Dual}-{Use} {Regulation} of {Cryptography} and its {Effects} on {Surveillance}},
    url = {https://link.springer.com/content/pdf/10.1007/s41125-022-00080-0.pdf},
    doi = {10.1007/s41125-022-00080-0},
    abstract = {Cryptography has become ubiquitous in communication technology and is considered a necessary part of information security. However, both the regulation to restrict access to cryptography, as well as practices to weaken or break encryption, are part of the States’ security policies. The United States (U.S.) regulate cryptography for export in international trade as a dual-use good. However, the regulation has been increasingly loosened and transferred to bilateral agreements with Information and Communication Technology companies. At the same time, the National Security Agency attempted to implement a government encryption standard to guarantee itself easier access to data, thus progressively expanding surveillance on non-U.S. citizens. In this paper, using comparative policy analysis, we examine the evolution of both security policies by tracing the historical development of U.S. regulation of cryptography as a dual-use good, and surveillance technologies, and practices used from the 1990s to today. We conclude that the impact of the dual-use regulation has affected the efficiency of surveillance technology, by loosening regulations only for mass communication services, thereby supporting the proliferation of surveillance intermediaries, while working on strategies to collaborate and exploit their coverage.},
    journal = {European Journal for Security Research},
    author = {Riebe, Thea and Kuehn, Philipp and Imperatori, Philipp and Reuter, Christian},
    year = {2022},
    keywords = {Projekt-ATHENE-SecUrban, Projekt-CYWARN, Projekt-CROSSING, Security, Student},
    }

  • Malte Göttsche, Sibylle Bauer, Anja Dahlmann, Friederike Frieß, Filippa Lentzos, Götz Neuneck, Irmgard Niemeyer, Thea Riebe, Jantje Silomon, Christian Reuter, Jakob Brochhaus, Lukas Rademacher (2022)
    Conference Proceedings : Science, Peace, Security ’21 : The Impact of new Technologies: Destabilizing or Enabling Resilience? : 8-10 September 2021
    Aachen: RWTH Aachen University. doi:10.18154/RWTH-2022-02256
    [BibTeX] [Abstract] [Download PDF]

    The impact of the rapid technological change on peace and security continuously grows and becomes increasingly complex. Against the background of a quickly deteriorating security environment, the international conference SCIENCE · PEACE · SECURITY ’21 (RWTH Aachen University, 8-10 September 2021) examined the role of emerging technologies. The 60 speakers and 220 participants came from the natural, technical and social sciences. Diplomats and representatives from international organisations participated in the discussions. Topics included nuclear, chemical and biological arms control, autonomy in weapon systems, cybersecurity and the militarization of space among others. The main outcome was that all of these issues could be more effectively addressed by new approaches to rigorous interdisciplinary research collaboration to create policy-relevant knowledge and by tightening the nexus between the scientist and policy communities. Both can only be achieved and sustained by funding novel structures that enable scientific-technical scholars to engage on these topics. Key problems to be addressed by integrating natural, technical and social science perspectives include early risk assessment of potential dual-use research and technologies – especially in bio-security and epidemiology as well as IT and robotic research. Ways forward are the inclusion of norms into technology design as well as addressing questions of responsibility and standards. For military-usable technologies, entirely new regulatory approaches are necessary to prevent escalatory dynamics and to maintain accountability structures, moving from object-based to behaviour-based approaches. Scientific-technical research contributes to peace and security in positive ways. A prominent example are nuclear verification techniques. While instruments to monitor nonproliferation and test ban commitments benefit from further improvement, many gaps on how to verify future arms control and disarmament agreements still exist and must be urgently closed. The best cutting-edge scientific and academic expertise that is required for these complex research tasks is found in universities and other independent research institutes. Typically, however, decisionmakers draw knowledge from governmental institutions because of ease and existing connections. Therefore, efforts should be made to better connect the policy and academic communities. Communication between both can be improved by meeting on a regular basis and not only when advice on a specific issue is sought. This can foster more stable relationships and increase an understanding of each other. Lastly, opportunities should be improved for the younger generation of scientists and technologists to engage with policymakers. It is crucial to educate and engage early-on the next generation of scientifically-literate policymakers and security-aware scientists.

    @book{gottsche_conference_2022,
    address = {Aachen},
    title = {Conference {Proceedings} : {Science}, {Peace}, {Security} '21 : {The} {Impact} of new {Technologies}: {Destabilizing} or {Enabling} {Resilience}? : 8-10 {September} 2021},
    url = {https://peasec.de/paper/2022/2022_Goettscheetal_ProceedingsSciencePeaceSecurity21ImpactOfNewTechnologies.pdf},
    abstract = {The impact of the rapid technological change on peace and security continuously grows and becomes increasingly complex. Against the background of a quickly deteriorating security environment, the international conference SCIENCE · PEACE · SECURITY ’21 (RWTH Aachen University, 8-10 September 2021) examined the role of emerging technologies. The 60 speakers and 220 participants came from the natural, technical and social sciences. Diplomats and representatives from international organisations participated in the discussions. Topics included nuclear, chemical and biological arms control, autonomy in weapon systems, cybersecurity and the militarization of space among others.
    The main outcome was that all of these issues could be more effectively addressed by new approaches to rigorous interdisciplinary research collaboration to create policy-relevant knowledge and by tightening the nexus between the scientist and policy communities. Both can only be achieved and sustained by funding novel structures that enable scientific-technical scholars to engage on these topics.
    Key problems to be addressed by integrating natural, technical and social science perspectives include early risk assessment of potential dual-use research and technologies – especially in bio-security and epidemiology as well as IT and robotic research. Ways forward are the inclusion of norms into technology design as well as addressing questions of responsibility and standards. For military-usable technologies, entirely new regulatory approaches are necessary to prevent escalatory dynamics and to maintain accountability structures, moving from object-based to behaviour-based approaches.
    Scientific-technical research contributes to peace and security in positive ways. A prominent example are nuclear verification techniques. While instruments to monitor nonproliferation and test ban commitments benefit from further improvement, many gaps on how to verify future arms control and disarmament agreements still exist and must be urgently closed.
    The best cutting-edge scientific and academic expertise that is required for these complex research tasks is found in universities and other independent research institutes. Typically, however, decisionmakers draw knowledge from governmental institutions because of ease and existing connections. Therefore, efforts should be made to better connect the policy and academic communities. Communication between both can be improved by meeting on a regular basis and not only when advice on a specific issue is sought. This can foster more stable relationships and increase an understanding of each other.
    Lastly, opportunities should be improved for the younger generation of scientists and technologists to engage with policymakers. It is crucial to educate and engage early-on the next generation of scientifically-literate policymakers and security-aware scientists.},
    publisher = {RWTH Aachen University},
    author = {Göttsche, Malte and Bauer, Sibylle and Dahlmann, Anja and Frieß, Friederike and Lentzos, Filippa and Neuneck, Götz and Niemeyer, Irmgard and Riebe, Thea and Silomon, Jantje and Reuter, Christian and Brochhaus, Jakob and Rademacher, Lukas},
    year = {2022},
    doi = {10.18154/RWTH-2022-02256},
    keywords = {Peace},
    }

  • Thea Riebe, Tom Biselli, Marc-André Kaufhold, Christian Reuter (2022)
    Privacy Concerns and Acceptance Factors of OSINT for Cybersecurity: A Representative Survey
    Proceedings on Privacy Enhancing Technologies (PoPETs) .
    [BibTeX] [Abstract]

    The use of Open Source Intelligence (OSINT) to monitor and detect cybersecurity threats is gaining popularity among Cybersecurity Emergency or Incident Response Teams (CERTs/CSIRTs). They increasingly use semi-automated OSINT approaches when monitoring cyber threats for public infrastructure services and incident response. Most of the systems use publicly available data, often focusing on social media due to timely data for situational assessment. As indirect and affected stakeholders, the acceptance of OSINT systems by users, as well as the conditions which influence the acceptance, are relevant for the development of OSINT systems for cybersecurity. Therefore, as part of the ethical and social technology assessment, we conducted a survey (N=1,093), in which we asked participants about their acceptance of OSINT systems, their perceived need for open source surveillance, as well as their privacy behavior and concerns. Further, we tested if the awareness of OSINT is an interactive factor that affects other factors. Our results indicate that cyber threat perception and the perceived need for OSINT are positively related to acceptance, while privacy concerns are negatively related. The awareness of OSINT, however, has only shown effects on people with higher privacy concerns. Here, particularly high OSINT awareness and limited privacy concerns were associated with higher OSINT acceptance. Lastly, we provide implications for further research and the use of OSINT systems for cybersecurity by authorities. As OSINT is a framework rather than a single technology, approaches can be selected and combined to adhere to data minimization and anonymization as well as to leverage improvements in privacy-preserving computation and machine learning innovations. Regarding the use of OSINT, the results suggest to favor approaches that provide transparency to users regarding the use of the systems and the data they gather.

    @article{riebe_privacy_2022,
    title = {Privacy {Concerns} and {Acceptance} {Factors} of {OSINT} for {Cybersecurity}: {A} {Representative} {Survey}},
    abstract = {The use of Open Source Intelligence (OSINT) to monitor and detect cybersecurity threats is gaining popularity among Cybersecurity Emergency or Incident Response Teams (CERTs/CSIRTs). They increasingly use semi-automated OSINT approaches when monitoring cyber threats for public infrastructure services and incident response. Most of the systems use publicly available data, often focusing on social media due to timely data for situational assessment. As indirect and affected stakeholders, the acceptance of OSINT systems by users, as well as the conditions which influence the acceptance, are relevant for the development of OSINT systems for cybersecurity. Therefore, as part of the ethical and social technology assessment, we conducted a survey (N=1,093), in which we asked participants about their acceptance of OSINT systems, their perceived need for open source surveillance, as well as their privacy behavior and concerns. Further, we tested if the awareness of OSINT is an interactive factor that affects other factors. Our results indicate that cyber threat perception and the perceived need for OSINT are positively related to acceptance, while privacy concerns are negatively related. The awareness of OSINT, however, has only shown effects on people with higher privacy concerns. Here, particularly high OSINT awareness and limited privacy concerns were associated with higher OSINT acceptance. Lastly, we provide implications for further research and the use of OSINT systems for cybersecurity by authorities. As OSINT is a framework rather than a single technology, approaches can be selected and combined to adhere to data minimization and anonymization as well as to leverage improvements in privacy-preserving computation and machine learning innovations. Regarding the use of OSINT, the results suggest to favor approaches that provide transparency to users regarding the use of the systems and the data they gather.},
    journal = {Proceedings on Privacy Enhancing Technologies (PoPETs)},
    author = {Riebe, Thea and Biselli, Tom and Kaufhold, Marc-André and Reuter, Christian},
    year = {2022},
    keywords = {Projekt-CYWARN, Security, UsableSec, A-Paper, Selected, Ranking-CORE-A, AuswahlUsableSec, Projekt-ATHENE-FANCY},
    }

  • Christian Reuter, Thea Riebe, Jasmin Haunschild, Thomas Reinhold, Stefka Schmid (2022)
    Zur Schnittmenge von Informatik mit Friedens- und Sicherheitsforschung: Erfahrungen aus der interdisziplinären Lehre in der Friedensinformatik
    Zeitschrift für Friedens- und Konfliktforschung (ZeFKo) . doi:10.1007/s42597-022-00078-4
    [BibTeX] [Abstract] [Download PDF]

    Interdisziplinäre Forschung und Lehre zwischen Informatik sowie Friedens- und Sicherheitsforschung ist vor dem Hintergrund, dass Konflikte im Cyberspace nicht mehr eine in der Zukunft liegende Fiktion, sondern eine realitätsnahe Möglichkeit darstellen, unabdingbar. Auch wenn zahlreiche etablierte Lehrveranstaltungen und Lehrbücher in der einen oder anderen Disziplin existieren, gilt dies nicht für deren Schnittmenge. Dieser Beitrag reflektiert die Einführung der in Bezug auf Thematik und Hörer*innenschaft interdisziplinären Lehrveranstaltung „Informationstechnologie für Frieden und Sicherheit“ für Studierende der Informatik, IT-Sicherheit und Wirtschaftsinformatik der Technischen Universität Darmstadt, sowie Friedens- und Konfliktforschung der TU Darmstadt in Kooperation mit der Goethe-Universität Frankfurt. Hierbei werden Herausforderungen und Lösungsansätze der interdisziplinären Lehre dargestellt und die Bedeutung dieser Lehre hervorgehoben.

    @article{reuter_zur_2022,
    title = {Zur {Schnittmenge} von {Informatik} mit {Friedens}- und {Sicherheitsforschung}: {Erfahrungen} aus der interdisziplinären {Lehre} in der {Friedensinformatik}},
    url = {https://link.springer.com/content/pdf/10.1007/s42597-022-00078-4.pdf},
    doi = {10.1007/s42597-022-00078-4},
    abstract = {Interdisziplinäre Forschung und Lehre zwischen Informatik sowie Friedens- und Sicherheitsforschung ist vor dem Hintergrund, dass Konflikte im Cyberspace nicht mehr eine in der Zukunft liegende Fiktion, sondern eine realitätsnahe Möglichkeit darstellen, unabdingbar. Auch wenn zahlreiche etablierte Lehrveranstaltungen und Lehrbücher in der einen oder anderen Disziplin existieren, gilt dies nicht für deren Schnittmenge. Dieser Beitrag reflektiert die Einführung der in Bezug auf Thematik und Hörer*innenschaft interdisziplinären Lehrveranstaltung „Informationstechnologie für Frieden und Sicherheit“ für Studierende der Informatik, IT-Sicherheit und Wirtschaftsinformatik der Technischen Universität Darmstadt, sowie Friedens- und Konfliktforschung der TU Darmstadt in Kooperation mit der Goethe-Universität Frankfurt. Hierbei werden Herausforderungen und Lösungsansätze der interdisziplinären Lehre dargestellt und die Bedeutung dieser Lehre hervorgehoben.},
    journal = {Zeitschrift für Friedens- und Konfliktforschung (ZeFKo)},
    author = {Reuter, Christian and Riebe, Thea and Haunschild, Jasmin and Reinhold, Thomas and Schmid, Stefka},
    year = {2022},
    keywords = {Peace},
    }

  • Thea Riebe (2022)
    Technology Assessment of Dual-Use ICTs – How to assess Diffusion, Governance and Design
    Darmstadt, Germany: Dissertation (Dr. rer. nat.), Department of Computer Science, Technische Unviersität Darmstadt.
    [BibTeX]

    @book{riebe_technology_2022,
    address = {Darmstadt, Germany},
    title = {Technology {Assessment} of {Dual}-{Use} {ICTs} – {How} to assess {Diffusion}, {Governance} and {Design}},
    publisher = {Dissertation (Dr. rer. nat.), Department of Computer Science, Technische Unviersität Darmstadt},
    author = {Riebe, Thea},
    year = {2022},
    keywords = {Projekt-CYWARN, Projekt-KontiKat, Peace, Projekt-DualUse},
    }

    2021

  • Thea Riebe, Stefka Schmid, Christian Reuter (2021)
    Measuring Spillover Effects from Defense to Civilian Sectors – A Quantitative Approach Using LinkedIn
    Defence and Peace Economics ;32(7):773–785. doi:10.1080/10242694.2020.1755787
    [BibTeX] [Abstract] [Download PDF]

    Spillover effects describe the process of a company benefiting from the R&D activities of another one and thereby gaining an economic advantage. One prominent approach for measuring spillover effects is based on the analysis of patent citation networks. Taking social media analytics and knowledge economics into account, this paper presents a complementary approach to quantify spillover effects from defense to civilian research and development, analyzing 513 employment biographies from the social network LinkedIn. Using descriptive network analysis, we investigate the emigration of personnel of the German defense industry to other civilian producers. Thereby, our study reveals that in the last decade, employees of defense suppliers have changed positions significantly less often, with 3.24 changes on average than professionals who have worked more than 50\% of their jobs in the civilian sector, having changed 4.61 times on average. Our work illustrates the churn behavior and how spillover effects between defense and civilian sectors can be measured using social career networks such as LinkedIn.

    @article{riebe_measuring_2021,
    title = {Measuring {Spillover} {Effects} from {Defense} to {Civilian} {Sectors} – {A} {Quantitative} {Approach} {Using} {LinkedIn}},
    volume = {32},
    url = {https://peasec.de/paper/2021/2021_RiebeSchmidReuter_SpilloverEffectsDefensetoCivilianLinkedIn_PDE.pdf},
    doi = {10.1080/10242694.2020.1755787},
    abstract = {Spillover effects describe the process of a company benefiting from the R\&D activities of another one and thereby gaining an economic advantage. One prominent approach for measuring spillover effects is based on the analysis of patent citation networks. Taking social media analytics and knowledge economics into account, this paper presents a complementary approach to quantify spillover effects from defense to civilian research and development, analyzing 513 employment biographies from the social network LinkedIn. Using descriptive network analysis, we investigate the emigration of personnel of the German defense industry to other civilian producers. Thereby, our study reveals that in the last decade, employees of defense suppliers have changed positions significantly less often, with 3.24 changes on average than professionals who have worked more than 50\% of their jobs in the civilian sector, having changed 4.61 times on average. Our work illustrates the churn behavior and how spillover effects between defense and civilian sectors can be measured using social career networks such as LinkedIn.},
    number = {7},
    journal = {Defence and Peace Economics},
    author = {Riebe, Thea and Schmid, Stefka and Reuter, Christian},
    year = {2021},
    keywords = {Projekt-ATHENE-SecUrban, A-Paper, Ranking-ImpactFactor, Peace, Selected, Projekt-DualUse, AuswahlPeace, Cyberwar},
    pages = {773--785},
    }

  • Thea Riebe, Stefka Schmid, Christian Reuter (2021)
    LinkedIn als Barometer: Austausch zwischen ziviler und militärischer F&E
    Wissenschaft & Frieden: 2021.
    [BibTeX] [Abstract] [Download PDF]

    Gibt es Wissenstransfers zwischen militärischer und ziviler Forschung? Wenn ja, in welchem Umfang? Um die Art und Weise zu untersuchen, wie Unternehmen durch sogenannte »Spillover«-Effekte von den Aktivitäten in den Bereichen »Forschung und Entwicklung« (F&E) eines anderen Unternehmens profi tieren, existieren bereits Methoden, die die Mobilität von Arbeitskräften als Initiator von Wissenstransfers untersuchen. Dieser Beitrag stellt einen ergänzenden Ansatz vor, der auf »Social Media Analytics« (SMA) beruht. Er soll helfen, die »Spillover«-Eff ekte vom Verteidigungsbereich in die zivile F&E quantifi zieren zu können und beruht auf der Analyse von Angaben zum Beschäftigungswechsel aus dem sozialen Netzwerk »LinkedIn«.

    @techreport{riebe_linkedin_2021,
    address = {Wissenschaft \& Frieden},
    title = {{LinkedIn} als {Barometer}: {Austausch} zwischen ziviler und militärischer {F}\&{E}},
    url = {https://peasec.de/paper/2021/2021_RiebeSchmidReuter_LinkedInalsBarometer_WuF.pdf},
    abstract = {Gibt es Wissenstransfers zwischen militärischer und ziviler Forschung? Wenn ja, in welchem Umfang? Um die Art und Weise zu untersuchen, wie Unternehmen durch sogenannte »Spillover«-Effekte von den Aktivitäten in den Bereichen »Forschung und Entwicklung« (F\&E) eines anderen Unternehmens profi tieren, existieren bereits Methoden, die die Mobilität von Arbeitskräften als Initiator von Wissenstransfers untersuchen. Dieser Beitrag stellt einen ergänzenden Ansatz vor, der auf »Social Media Analytics« (SMA) beruht. Er soll helfen, die »Spillover«-Eff ekte vom Verteidigungsbereich in die zivile F\&E quantifi zieren zu können und beruht auf der Analyse von Angaben zum Beschäftigungswechsel aus dem sozialen Netzwerk »LinkedIn«.},
    author = {Riebe, Thea and Schmid, Stefka and Reuter, Christian},
    year = {2021},
    keywords = {Peace, Projekt-DualUse},
    }

  • Marc-André Kaufhold, Jennifer Fromm, Thea Riebe, Milad Mirbabaie, Philipp Kuehn, Ali Sercan Basyurt, Markus Bayer, Marc Stöttinger, Kaan Eyilmez, Reinhard Möller, Christoph Fuchß, Stefan Stieglitz, Christian Reuter (2021)
    CYWARN: Strategy and Technology Development for Cross-Platform Cyber Situational Awareness and Actor-Specific Cyber Threat Communication
    Workshop-Proceedings Mensch und Computer Bonn. doi:10.18420/muc2021-mci-ws08-263
    [BibTeX] [Abstract] [Download PDF]

    Despite the merits of digitisation in private and professional spaces, critical infrastructures and societies are increasingly ex-posed to cyberattacks. Thus, Computer Emergency Response Teams (CERTs) are deployed in many countries and organisations to enhance the preventive and reactive capabilities against cyberattacks. However, their tasks are getting more complex by the increasing amount and varying quality of information dissem-inated into public channels. Adopting the perspectives of Crisis Informatics and safety-critical Human-Computer Interaction (HCI) and based on both a narrative literature review and group discussions, this paper first outlines the research agenda of the CYWARN project, which seeks to design strategies and technolo-gies for cross-platform cyber situational awareness and actor-spe-cific cyber threat communication. Second, it identifies and elabo-rates eight research challenges with regard to the monitoring, analysis and communication of cyber threats in CERTs, which serve as a starting point for in-depth research within the project.

    @inproceedings{kaufhold_cywarn_2021,
    address = {Bonn},
    series = {Mensch und {Computer} 2021 - {Workshopband}},
    title = {{CYWARN}: {Strategy} and {Technology} {Development} for {Cross}-{Platform} {Cyber} {Situational} {Awareness} and {Actor}-{Specific} {Cyber} {Threat} {Communication}},
    url = {https://peasec.de/paper/2021/2021_Kaufholdetal_CYWARN-CyberSituationalAwareness_MuC-WS.pdf},
    doi = {10.18420/muc2021-mci-ws08-263},
    abstract = {Despite the merits of digitisation in private and professional spaces, critical infrastructures and societies are increasingly ex-posed to cyberattacks. Thus, Computer Emergency Response Teams (CERTs) are deployed in many countries and organisations to enhance the preventive and reactive capabilities against cyberattacks. However, their tasks are getting more complex by the increasing amount and varying quality of information dissem-inated into public channels. Adopting the perspectives of Crisis Informatics and safety-critical Human-Computer Interaction (HCI) and based on both a narrative literature review and group discussions, this paper first outlines the research agenda of the CYWARN project, which seeks to design strategies and technolo-gies for cross-platform cyber situational awareness and actor-spe-cific cyber threat communication. Second, it identifies and elabo-rates eight research challenges with regard to the monitoring, analysis and communication of cyber threats in CERTs, which serve as a starting point for in-depth research within the project.},
    booktitle = {Workshop-{Proceedings} {Mensch} und {Computer}},
    publisher = {Gesellschaft für Informatik},
    author = {Kaufhold, Marc-André and Fromm, Jennifer and Riebe, Thea and Mirbabaie, Milad and Kuehn, Philipp and Basyurt, Ali Sercan and Bayer, Markus and Stöttinger, Marc and Eyilmez, Kaan and Möller, Reinhard and Fuchß, Christoph and Stieglitz, Stefan and Reuter, Christian},
    year = {2021},
    keywords = {Projekt-CYWARN, Security},
    }

  • Thea Riebe, Marc-André Kaufhold, Christian Reuter (2021)
    The Impact of Organizational Structure and Technology Use on Collaborative Practices in Computer Emergency Response Teams: An Empirical Study
    Proceedings of the ACM: Human Computer Interaction (PACM): Computer-Supported Cooperative Work and Social Computing ;5(CSCW2). doi:10.1145/3479865
    [BibTeX] [Abstract] [Download PDF]

    Besides the merits of increasing digitization and interconnectedness in private and professional spaces, critical infrastructures and societies are more and more exposed to cyberattacks. In order to enhance the preventative and reactive capabilities against cyberattacks, Computer Emergency Response Teams (CERTs) are deployed in many countries and organizations. In Germany, CERTs in the public sector operate on federal and state level to provide information security services for authorities, citizens, and enterprises. Their tasks of monitoring, analyzing, and communicating threats and incidents is getting more complex due to the increasing amount of information disseminated into public channels. By adopting the perspectives of Computer-Supported Cooperative Work (CSCW) and Crisis Informatics, we contribute to the study of organizational structures, technology use, and the impact on collaborative practices in and between state CERTs with empirical research based on expert interviews with representatives of German state CERTs (N=15) and supplementary document analyses (N=25). We derive design and policy implications from our findings, including the need for interoperable and modular architecture, a shift towards service level agreements, cross-platform monitoring and analysis of incident data, use of deduplication techniques and standardized threat exchange formats, a reduction of resource costs through process automation, and transparent reporting and tool structures for information exchange.

    @article{riebe_impact_2021,
    title = {The {Impact} of {Organizational} {Structure} and {Technology} {Use} on {Collaborative} {Practices} in {Computer} {Emergency} {Response} {Teams}: {An} {Empirical} {Study}},
    volume = {5},
    url = {https://www.peasec.de/paper/2021/2021_RiebeKaufholdReuter_ComputerEmegencyResponseTeams_CSCW.pdf},
    doi = {10.1145/3479865},
    abstract = {Besides the merits of increasing digitization and interconnectedness in private and professional spaces, critical infrastructures and societies are more and more exposed to cyberattacks. In order to enhance the preventative and reactive capabilities against cyberattacks, Computer Emergency Response Teams (CERTs) are deployed in many countries and organizations. In Germany, CERTs in the public sector operate on federal and state level to provide information security services for authorities, citizens, and enterprises. Their tasks of monitoring, analyzing, and communicating threats and incidents is getting more complex due to the increasing amount of information disseminated into public channels. By adopting the perspectives of Computer-Supported Cooperative Work (CSCW) and Crisis Informatics, we contribute to the study of organizational structures, technology use, and the impact on collaborative practices in and between state CERTs with empirical research based on expert interviews with representatives of German state CERTs (N=15) and supplementary document analyses (N=25). We derive design and policy implications from our findings, including the need for interoperable and modular architecture, a shift towards service level agreements, cross-platform monitoring and analysis of incident data, use of deduplication techniques and standardized threat exchange formats, a reduction of resource costs through process automation, and transparent reporting and tool structures for information exchange.},
    number = {CSCW2},
    journal = {Proceedings of the ACM: Human Computer Interaction (PACM): Computer-Supported Cooperative Work and Social Computing},
    author = {Riebe, Thea and Kaufhold, Marc-André and Reuter, Christian},
    year = {2021},
    keywords = {Crisis, Projekt-ATHENE-SecUrban, Projekt-CYWARN, Projekt-KontiKat, Security, UsableSec, A-Paper, Ranking-CORE-A, AuswahlUsableSec, AuswahlKaufhold},
    }

  • Thea Riebe, Tristan Wirth, Markus Bayer, Philipp Kuehn, Marc-André Kaufhold, Volker Knauthe, Stefan Guthe, Christian Reuter (2021)
    CySecAlert: An Alert Generation System for Cyber Security Events Using Open Source Intelligence Data
    Information and Communications Security (ICICS) . doi:10.1007/978-3-030-86890-1_24
    [BibTeX] [Abstract] [Download PDF]

    Receiving relevant information on possible cyber threats, attacks, and data breaches in a timely manner is crucial for early response. The social media platform Twitter hosts an active cyber security community. Their activities are often monitored manually by security experts, such as Computer Emergency Response Teams (CERTs). We thus propose a Twitter-based alert generation system that issues alerts to a system operator as soon as new relevant cyber security related topics emerge. Thereby, our system allows us to monitor user accounts with significantly less workload. Our system applies a supervised classifier, based on active learning, that detects tweets containing relevant information. The results indicate that uncertainty sampling can reduce the amount of manual relevance classification effort and enhance the classifier performance substantially compared to random sampling. Our approach reduces the number of accounts and tweets that are needed for the classifier training, thus making the tool easily and rapidly adaptable to the specific context while also supporting data minimization for Open Source Intelligence (OSINT). Relevant tweets are clustered by a greedy stream clustering algorithm in order to identify significant events. The proposed system is able to work near real-time within the required 15-minutes time frame and detects up to 93.8\% of relevant events with a false alert rate of 14.81\%.

    @inproceedings{riebe_cysecalert_2021,
    title = {{CySecAlert}: {An} {Alert} {Generation} {System} for {Cyber} {Security} {Events} {Using} {Open} {Source} {Intelligence} {Data}},
    url = {https://peasec.de/paper/2021/2021_RiebeWirthBayerKuehnKaufholdKnautheGutheReuter_CySecAlertOpenSourceIntelligence_ICICS.pdf},
    doi = {10.1007/978-3-030-86890-1_24},
    abstract = {Receiving relevant information on possible cyber threats, attacks, and data breaches in a timely manner is crucial for early response. The social media platform Twitter hosts an active cyber security community. Their activities are often monitored manually by security experts, such as Computer Emergency Response Teams (CERTs). We thus propose a Twitter-based alert generation system that issues alerts to a system operator as soon as new relevant cyber security related topics emerge. Thereby, our system allows us to monitor user accounts with significantly less workload. Our system applies a supervised classifier, based on active learning, that detects tweets containing relevant information. The results indicate that uncertainty sampling can reduce the amount of manual relevance classification effort and enhance the classifier performance substantially compared to random sampling. Our approach reduces the number of accounts and tweets that are needed for the classifier training, thus making the tool easily and rapidly adaptable to the specific context while also supporting data minimization for Open Source Intelligence (OSINT). Relevant tweets are clustered by a greedy stream clustering algorithm in order to identify significant events. The proposed system is able to work near real-time within the required 15-minutes time frame and detects up to 93.8\% of relevant events with a false alert rate of 14.81\%.},
    booktitle = {Information and {Communications} {Security} ({ICICS})},
    author = {Riebe, Thea and Wirth, Tristan and Bayer, Markus and Kuehn, Philipp and Kaufhold, Marc-André and Knauthe, Volker and Guthe, Stefan and Reuter, Christian},
    year = {2021},
    keywords = {Projekt-ATHENE-SecUrban, Projekt-CYWARN, Security, Student, UsableSec, Ranking-CORE-B},
    pages = {429--446},
    }

  • Thea Riebe, Christian Reuter (2021)
    Neue Technologien und Resilienz
    Wissenschaft und Frieden: 2021.
    [BibTeX] [Abstract] [Download PDF]

    Die Science · Peace · Security ’21 (SPS21) Konferenz fand in diesem Jahr virtuell statt. Ausgerichtet wurde sie durch Prof. Malte Göttsche, Leiter der Forschungsgruppe »Nukleare Verifikation und Abrüstung« an der RWTH Aachen mit Unterstützung eines international besetzten Programmkomitees. Die Konferenz brachte Wissenschaftler*innen aus vielen Disziplinen und aus aller Welt, Diplomat*innen sowie Mitglieder der Bundeswehr zusammen, um über aktuelle Fragen der Rüstungskontrolle und Abrüstung unter dem diesjährigen Motto »The Impact of New Technologies: Destabilizing or Enabling Resilience?« zu diskutieren.

    @techreport{riebe_neue_2021,
    address = {Wissenschaft und Frieden},
    title = {Neue {Technologien} und {Resilienz}},
    url = {www.peasec.de/paper/2021/2021_RiebeReuter_NeueTechnologienResilienz.pdf},
    abstract = {Die Science · Peace · Security ’21 (SPS21) Konferenz fand in diesem Jahr virtuell statt. Ausgerichtet wurde sie durch Prof. Malte Göttsche, Leiter der Forschungsgruppe »Nukleare Verifikation und Abrüstung« an der RWTH Aachen mit Unterstützung eines international besetzten Programmkomitees. Die Konferenz brachte Wissenschaftler*innen aus vielen Disziplinen und aus aller Welt, Diplomat*innen sowie Mitglieder der Bundeswehr zusammen, um über aktuelle Fragen der Rüstungskontrolle und Abrüstung unter dem diesjährigen Motto »The Impact of New Technologies: Destabilizing or Enabling Resilience?« zu diskutieren.},
    author = {Riebe, Thea and Reuter, Christian},
    year = {2021},
    keywords = {Peace},
    }

    2020

  • Thea Riebe, Jasmin Haunschild, Felix Divo, Matthias Lang, Gerbert Roitburd, Jonas Franken, Christian Reuter (2020)
    Die Veränderung der Vorratsdatenspeicherung in Europa
    Datenschutz und Datensicherheit – DuD ;44(5):316–321. doi:10.1007/s11623-020-1275-3
    [BibTeX] [Abstract] [Download PDF]

    Die Diskussion um die Vorratsdatenspeicherung ist europaweit weiterhin relevant, da es keine einheitliche Gesetzgebung der EU-Mitgliedsstaaten gibt. So werden in einigen EU-Staaten weiterhin Vorratsdaten gespeichert, obwohl der EuGH die Vorratsdatenspeicherung für teilweise rechtswidrig erklärt hat. Dabei unterscheiden sich die Speicherdauer, die erhobenen Daten und die Rechte der Behörden erheblich. Der Beitrag vergleicht den Umgang mit der Vorratsdatenspeicherung in zehn EU- und Schengen-Staaten im Hinblick auf Einführung und Aussetzung, Speicherdauer, Speicherinhalte und Zugriffsrechte.

    @article{riebe_veranderung_2020,
    title = {Die {Veränderung} der {Vorratsdatenspeicherung} in {Europa}},
    volume = {44},
    url = {https://www.peasec.de/paper/2020/2020_Riebeetal_VDSinEuropa_DuD.pdf},
    doi = {10.1007/s11623-020-1275-3},
    abstract = {Die Diskussion um die Vorratsdatenspeicherung ist europaweit weiterhin relevant, da es keine einheitliche Gesetzgebung der EU-Mitgliedsstaaten gibt. So werden in einigen EU-Staaten weiterhin Vorratsdaten gespeichert, obwohl der EuGH die Vorratsdatenspeicherung für teilweise rechtswidrig erklärt hat. Dabei unterscheiden sich die Speicherdauer, die erhobenen Daten und die Rechte der Behörden erheblich. Der Beitrag vergleicht den Umgang mit der Vorratsdatenspeicherung in zehn EU- und Schengen-Staaten im Hinblick auf Einführung und Aussetzung, Speicherdauer, Speicherinhalte und Zugriffsrechte.},
    number = {5},
    journal = {Datenschutz und Datensicherheit - DuD},
    author = {Riebe, Thea and Haunschild, Jasmin and Divo, Felix and Lang, Matthias and Roitburd, Gerbert and Franken, Jonas and Reuter, Christian},
    year = {2020},
    keywords = {Projekt-ATHENE-SecUrban, Projekt-KontiKat, Security, Student, Peace, Projekt-DualUse},
    pages = {316--321},
    }

  • Thea Riebe, Stefka Schmid, Christian Reuter (2020)
    Meaningful Human Control of Lethal Autonomous Weapon System: The CCW-Debate and its Implications for Value-Sensitive Design
    IEEE Technology and Society Magazine ;39(4):36–51. doi:10.1109/MTS.2020.3031846
    [BibTeX] [Abstract] [Download PDF]

    The debate on the development and deployment of lethal autonomous weapon systems (LAWS) as an emerging technology is of increasing importance, with discussions stalling and technological development progressing. Monitoring the progress of increasingly autonomous weapons systems in civilian and military use as well as regulating possible autonomous systems early on is demanded by civil society actors, like the Campaign to Stop Killer Robots and the International Committee of the Red Cross (ICRC), while nation states follow a variety of interests and strategies, showing little room for consensus on central terms and questions [2], [3]. This article therefore sheds light on the work of the Group of Governmental Experts (GGE) of the UN Convention of Certain Conventional Weapons (CCW). The CCW, offering an arena for international cooperation, has dedicated itself to the purpose of finding common ground with respect to an understanding of LAWS, as well as to the necessary degree of human control. From an ethical perspective, the concept of Meaningful Human Control (MHC) supports a human-centric approach. Several IEEE projects, series and publications are dedicated to this prioritization, especially regarding civilian use. As autonomous technology is increasingly at the center of contemporary military innovations, questions of (human) agency and responsibility in warfare have become even more pressing. As stressed by the United Nations Institute for Disarmament Research (UNIDIR), the concept of MHC may prove useful in the context of development and use of (semi-) autonomous weaponry.

    @article{riebe_meaningful_2020,
    title = {Meaningful {Human} {Control} of {Lethal} {Autonomous} {Weapon} {System}: {The} {CCW}-{Debate} and its {Implications} for {Value}-{Sensitive} {Design}},
    volume = {39},
    url = {https://peasec.de/paper/2020/2020_RiebeSchmidReuter_MHC_IEEETechScieMag.pdf},
    doi = {10.1109/MTS.2020.3031846},
    abstract = {The debate on the development and deployment of lethal autonomous weapon systems (LAWS) as an emerging technology is of increasing importance, with discussions stalling and technological development progressing. Monitoring the progress of increasingly autonomous weapons systems in civilian and military use as well as regulating possible autonomous systems early on is demanded by civil society actors, like the Campaign to Stop Killer Robots and the International Committee of the Red Cross (ICRC), while nation states follow a variety of interests and strategies, showing little room for consensus on central terms and questions [2], [3]. This article therefore sheds light on the work of the Group of Governmental Experts (GGE) of the UN Convention of Certain Conventional Weapons (CCW). The CCW, offering an arena for international cooperation, has dedicated itself to the purpose of finding common ground with respect to an understanding of LAWS, as well as to the necessary degree of human control. From an ethical perspective, the concept of Meaningful Human Control (MHC) supports a human-centric approach. Several IEEE projects, series and publications are dedicated to this prioritization, especially regarding civilian use. As autonomous technology is increasingly at the center of contemporary military innovations, questions of (human) agency and responsibility in warfare have become even more pressing. As stressed by the United Nations Institute for Disarmament Research (UNIDIR), the concept of MHC may prove useful in the context of development and use of (semi-) autonomous weaponry.},
    number = {4},
    journal = {IEEE Technology and Society Magazine},
    author = {Riebe, Thea and Schmid, Stefka and Reuter, Christian},
    year = {2020},
    keywords = {Projekt-KontiKat, A-Paper, Ranking-ImpactFactor, Peace, Projekt-DualUse, AuswahlPeace, Cyberwar},
    pages = {36--51},
    }

  • Philipp Imperatori, Thea Riebe, Christian Reuter (2020)
    Verschlüsselungspolitik der USA: Vom Clipper-Chip zu Edward Snowden
    FIfF-Kommunikation ;37:77–80.
    [BibTeX] [Download PDF]

    @article{imperatori_verschlusselungspolitik_2020,
    title = {Verschlüsselungspolitik der {USA}: {Vom} {Clipper}-{Chip} zu {Edward} {Snowden}},
    volume = {37},
    url = {https://www.fiff.de/publikationen/fiff-kommunikation/fk-2020/fk-2020-1/fk-1-20-p77.pdf},
    journal = {FIfF-Kommunikation},
    author = {Imperatori, Philipp and Riebe, Thea and Reuter, Christian},
    year = {2020},
    keywords = {Projekt-CROSSING, Security, Student, Peace, Projekt-DualUse},
    pages = {77--80},
    }

  • Philipp Kuehn, Thea Riebe, Lynn Apelt, Max Jansen, Christian Reuter (2020)
    Sharing of Cyber Threat Intelligence between States
    S+F Sicherheit und Frieden / Peace and Security ;38(1):22–28. doi:10.5771/0175-274X-2020-1-22
    [BibTeX] [Abstract] [Download PDF]

    Threats in cyberspace have increased in recent years due to the increment of offensive capabilities by states. Approaches to mitigate the security dilemma in cyberspace within the UN are deadlocked, as states have not been able to achieve agreements. However, from the perspective of IT-Security, there are Cyber Threat Intelligence (CTI) platforms to share and analyze cyber threats for a collective crisis management. To investigate, whether or not CTI platforms can be used as a confidence-building measure between states and international organizations, we portray current CTI platforms, showcase political requirements, and answer the question of how CTI communication may contribute to confidence-building in international affairs. Our results suggest the need to further develop analytical capabilities, as well as the implementation of a broad social, political, and legal environment for international CTI sharing.

    @article{kuehn_sharing_2020,
    title = {Sharing of {Cyber} {Threat} {Intelligence} between {States}},
    volume = {38},
    url = {http://www.peasec.de/paper/2020/2020_KuehnRiebeApeltJansenReuter_SharingCyberThreatIntelligence_SF.pdf},
    doi = {10.5771/0175-274X-2020-1-22},
    abstract = {Threats in cyberspace have increased in recent years due to the increment of offensive capabilities by states. Approaches to mitigate the security dilemma in cyberspace within the UN are deadlocked, as states have not been able to achieve agreements. However, from the perspective of IT-Security, there are Cyber Threat Intelligence (CTI) platforms to share and analyze cyber threats for a collective crisis management. To investigate, whether or not CTI platforms can be used as a confidence-building measure between states and international organizations, we portray current CTI platforms, showcase political requirements, and answer the question of how CTI communication may contribute to confidence-building in international affairs. Our results suggest the need to further develop analytical capabilities, as well as the implementation of a broad social, political, and legal environment for international CTI sharing.},
    number = {1},
    journal = {S+F Sicherheit und Frieden / Peace and Security},
    author = {Kuehn, Philipp and Riebe, Thea and Apelt, Lynn and Jansen, Max and Reuter, Christian},
    year = {2020},
    keywords = {Projekt-ATHENE-SecUrban, Projekt-CYWARN, Security, Student, Peace, Projekt-DualUse, Cyberwar},
    pages = {22--28},
    }

  • Thea Riebe (2020)
    Umgang mit Killerrobotern
    2020.
    [BibTeX] [Download PDF]

    @techreport{riebe_umgang_2020,
    title = {Umgang mit {Killerrobotern}},
    url = {https://peasec.de/paper/2020/2020_Riebe_UmgangmitKillerbotobern_WF.pdf},
    author = {Riebe, Thea},
    year = {2020},
    keywords = {Peace, Projekt-DualUse},
    }

    2019

  • Marc-André Kaufhold, Arne Schmidt, Fabienne Seifert, Thea Riebe, Christian Reuter (2019)
    SentiNet: Twitter-basierter Ansatz zur kombinierten Netzwerk- und Stimmungsanalyse in Katastrophenlagen
    Mensch und Computer 2019 – Workshopband Hamburg, Germany. doi:10.18420/muc2019-ws-133-04
    [BibTeX] [Abstract] [Download PDF]

    Das Forschungsfeld Social Media Analytics untersucht Methoden zur Analyse sozialer Medien nicht nur für Bürger und Unternehmen, sondern auch für Einsatzkräfte in Notsituationen. Zur Unterstützung des Situationsbewusstseins in derartigen Lagen werden unter anderem soziale Netzwerkanalysen angewandt, um Handlungen und die Vernetzung von Helfern nachzuvollziehen, sowie Stimmungsanalysen, um Emotionen der nutzergenerierten Inhalte zu extrahieren. Unsere Literaturstudie zeigt allerdings, dass keine technischen Ansätze existieren, die Netzwerk- und Stimmungsanalysen kombinieren. Dieser Beitrag stellt das Design und die Implementierung einer solchen Web- Anwendung auf Basis von Twitter vor, um anschließend Potenziale und Herausforderungen für die Evaluation und Weiterentwicklung des Ansatzes zu diskutieren.

    @inproceedings{kaufhold_sentinet_2019,
    address = {Hamburg, Germany},
    title = {{SentiNet}: {Twitter}-basierter {Ansatz} zur kombinierten {Netzwerk}- und {Stimmungsanalyse} in {Katastrophenlagen}},
    url = {https://dl.gi.de/bitstream/handle/20.500.12116/25149/133-04.pdf},
    doi = {10.18420/muc2019-ws-133-04},
    abstract = {Das Forschungsfeld Social Media Analytics untersucht Methoden zur Analyse sozialer Medien nicht nur für Bürger und Unternehmen, sondern auch für Einsatzkräfte in Notsituationen. Zur Unterstützung des Situationsbewusstseins in derartigen Lagen werden unter anderem soziale Netzwerkanalysen angewandt, um Handlungen und die Vernetzung von Helfern nachzuvollziehen, sowie Stimmungsanalysen, um Emotionen der nutzergenerierten Inhalte zu extrahieren. Unsere Literaturstudie zeigt allerdings, dass keine technischen Ansätze existieren, die Netzwerk- und Stimmungsanalysen kombinieren. Dieser Beitrag stellt das Design und die Implementierung einer solchen Web- Anwendung auf Basis von Twitter vor, um anschließend Potenziale und Herausforderungen für die Evaluation und Weiterentwicklung des Ansatzes zu diskutieren.},
    booktitle = {Mensch und {Computer} 2019 - {Workshopband}},
    publisher = {Gesellschaft für Informatik e.V.},
    author = {Kaufhold, Marc-André and Schmidt, Arne and Seifert, Fabienne and Riebe, Thea and Reuter, Christian},
    year = {2019},
    keywords = {Crisis, Projekt-KontiKat, SocialMedia},
    pages = {297--308},
    }

  • Thea Riebe, Marc-André Kaufhold, Tarun Kumar, Thomas Reinhold, Christian Reuter (2019)
    Threat Intelligence Application for Cyber Attribution
    SCIENCE PEACE SECURITY ’19 – Proceedings of the Interdisciplinary Conference on Technical Peace and Security Research Darmstadt, Germany.
    [BibTeX] [Abstract] [Download PDF]

    Attribution consists of technical, legal and politically defined processes. However, the interna- tional community has not yet defined processes unilaterally, even though the UN GGE has proposed to address the increase of cyber operations. Taking existing threat exchange stand- ards into account, this paper presents an approach to support efforts for more effective attrib- ution by developing a platform with the common open source threat exchange formats STIX and MEAC. Furthermore, the platform is evaluated in terms of usability.

    @inproceedings{riebe_threat_2019,
    address = {Darmstadt, Germany},
    title = {Threat {Intelligence} {Application} for {Cyber} {Attribution}},
    url = {https://tuprints.ulb.tu-darmstadt.de/id/eprint/9164},
    abstract = {Attribution consists of technical, legal and politically defined processes. However, the interna- tional community has not yet defined processes unilaterally, even though the UN GGE has proposed to address the increase of cyber operations. Taking existing threat exchange stand- ards into account, this paper presents an approach to support efforts for more effective attrib- ution by developing a platform with the common open source threat exchange formats STIX and MEAC. Furthermore, the platform is evaluated in terms of usability.},
    booktitle = {{SCIENCE} {PEACE} {SECURITY} '19 - {Proceedings} of the {Interdisciplinary} {Conference} on {Technical} {Peace} and {Security} {Research}},
    publisher = {TUprints},
    author = {Riebe, Thea and Kaufhold, Marc-André and Kumar, Tarun and Reinhold, Thomas and Reuter, Christian},
    editor = {Reuter, Christian and Altmann, Jürgen and Göttsche, Malte and Himmel, Mirko},
    year = {2019},
    keywords = {Security, Student, Peace, Projekt-DualUse},
    pages = {56--60},
    }

  • Thea Riebe, Amanda Langer, Marc-André Kaufhold, Nina Katharina Kretschmer, Christian Reuter (2019)
    Werte und Wertekonflikte in sozialen Medien für die Vernetzung ungebundener Helfer in Krisensituationen – Ein Value-Sensitive Design Ansatz
    Mensch und Computer 2019 – Workshopband Hamburg, Germany. doi:10.18420/muc2019-ws-133-05
    [BibTeX] [Abstract] [Download PDF]

    Bereits während des Hochwassers in Mitteleuropa 2013 und der Flüchtlingskrise in Europa ab 2015 wurde deutlich, dass freiwillige HelferInnen die Bewältigung von Krisensituationen unterstützen. Durch die vermehrte Koordination der Helfenden, auch unter Ein- satz sozialer Medien, kommt es zunehmend zu Konflikten zwi- schen den teilweise kollidierenden Erwartungshaltungen periodi- sierter Werte der eingebundenen Akteure. Die Entwicklung von Kollaborationswerkzeugen mit Hilfe der Methode des Value-Sen- sitive Designs kann bereits im Vorfeld solche Konflikte aufzeigen und gezielt verhindern oder moderieren. Dazu wurde in einer Fall- studie anhand des Hochwassers 2013 induktiv abgeleitet, welche Werte und Erwartungen die unterschiedlichen Stakeholder haben, und welche Konflikte sich daraus im Hinblick auf die Anforderun- gen ergeben. Diese Studie zeigt insbesondere die Konfliktpotenzi- ale für freiwillige HelferInnen in sozialen Medien in Bezug auf den Schutz der Privatsphäre und vor Diskriminierung auf und leistet damit einen Beitrag für die Konflikt-Optimierung und Akzeptanz- steigerung des Einsatzes sozialer Medien im Katastrophenschutz.

    @inproceedings{riebe_werte_2019,
    address = {Hamburg, Germany},
    title = {Werte und {Wertekonflikte} in sozialen {Medien} für die {Vernetzung} ungebundener {Helfer} in {Krisensituationen} – {Ein} {Value}-{Sensitive} {Design} {Ansatz}},
    url = {https://dl.gi.de/bitstream/handle/20.500.12116/25150/133-05.pdf},
    doi = {10.18420/muc2019-ws-133-05},
    abstract = {Bereits während des Hochwassers in Mitteleuropa 2013 und der Flüchtlingskrise in Europa ab 2015 wurde deutlich, dass freiwillige HelferInnen die Bewältigung von Krisensituationen unterstützen. Durch die vermehrte Koordination der Helfenden, auch unter Ein- satz sozialer Medien, kommt es zunehmend zu Konflikten zwi- schen den teilweise kollidierenden Erwartungshaltungen periodi- sierter Werte der eingebundenen Akteure. Die Entwicklung von Kollaborationswerkzeugen mit Hilfe der Methode des Value-Sen- sitive Designs kann bereits im Vorfeld solche Konflikte aufzeigen und gezielt verhindern oder moderieren. Dazu wurde in einer Fall- studie anhand des Hochwassers 2013 induktiv abgeleitet, welche Werte und Erwartungen die unterschiedlichen Stakeholder haben, und welche Konflikte sich daraus im Hinblick auf die Anforderun- gen ergeben. Diese Studie zeigt insbesondere die Konfliktpotenzi- ale für freiwillige HelferInnen in sozialen Medien in Bezug auf den Schutz der Privatsphäre und vor Diskriminierung auf und leistet damit einen Beitrag für die Konflikt-Optimierung und Akzeptanz- steigerung des Einsatzes sozialer Medien im Katastrophenschutz.},
    booktitle = {Mensch und {Computer} 2019 - {Workshopband}},
    publisher = {Gesellschaft für Informatik e.V.},
    author = {Riebe, Thea and Langer, Amanda and Kaufhold, Marc-André and Kretschmer, Nina Katharina and Reuter, Christian},
    year = {2019},
    keywords = {Crisis, Projekt-KontiKat, Security, Student, SocialMedia, Peace, Projekt-DualUse},
    pages = {308--318},
    }

  • Thea Riebe, Christian Reuter, Christian Reuter, Jürgen Altmann, Malte Göttsche, Mirko Himmel (2019)
    Accessing Dual Use in IT Development
    Darmstadt, Germany.
    [BibTeX] [Abstract] [Download PDF]

    The use of information technology (IT) in peace, conflict and security raises some questions, i.e. whether the use of IT can be limited exclusively to so-called advantageous purposes and applications and whether improper use can be prevented. This ambivalence is called a dual- use dilemma, meaning that objects, knowledge and technology can find both useful and harm- ful applications. Dual-use questions have been addressed in various disciplines, in particular in nuclear technology and the production of nuclear weapons, but also in chemistry and biology. In all these disciplines, dual-use topics in technical development and education have been discussed and addressed. Nevertheless, the importance of dual-use differs slightly, depending on the technology and its risks, as well as its distribution and application. Nuclear technology is less accessible than biotechnology, which in turn is less accessible than IT.

    @inproceedings{riebe_accessing_2019,
    address = {Darmstadt, Germany},
    title = {Accessing {Dual} {Use} in {IT} {Development}},
    url = {https://tuprints.ulb.tu-darmstadt.de/id/eprint/9164},
    abstract = {The use of information technology (IT) in peace, conflict and security raises some questions, i.e. whether the use of IT can be limited exclusively to so-called advantageous purposes and applications and whether improper use can be prevented. This ambivalence is called a dual- use dilemma, meaning that objects, knowledge and technology can find both useful and harm- ful applications. Dual-use questions have been addressed in various disciplines, in particular in nuclear technology and the production of nuclear weapons, but also in chemistry and biology. In all these disciplines, dual-use topics in technical development and education have been discussed and addressed. Nevertheless, the importance of dual-use differs slightly, depending on the technology and its risks, as well as its distribution and application. Nuclear technology is less accessible than biotechnology, which in turn is less accessible than IT.},
    publisher = {TUprints},
    author = {Riebe, Thea and Reuter, Christian and Reuter, Christian and Altmann, Jürgen and Göttsche, Malte and Himmel, Mirko},
    year = {2019},
    keywords = {Peace, Projekt-DualUse},
    pages = {46--49},
    }

  • Stefka Schmid, Thea Riebe, Christian Reuter (2019)
    Meaningful Human Control of Lethal Autonomous Weapon Systems
    In: Christian Reuter, Jürgen Altmann, Malte Göttsche, Mirko Himmel: SCIENCE PEACE SECURITY ’19 – Proceedings of the Interdisciplinary Conference on Technical Peace and Security Research. Darmstadt, Germany: TUprints, , 196–200.
    [BibTeX] [Abstract] [Download PDF]

    In the discussion of lethal autonomous weapon systems (LAWS) in the expert forum of the Convention on Certain Conventional Weapons (CCW), the interpretation of crucial concepts such as autonomy and human control is decisive for the future direction of international hu- manitarian law. Starting from the perspective of a synthesis of Actor-Network Theory (ANT) and Value-Sensitive-Design (VSD), we aim to analyse the discourse of LAWS and ask for pos- sibilities to implement Meaningful Human Control.

    @incollection{schmid_meaningful_2019,
    address = {Darmstadt, Germany},
    title = {Meaningful {Human} {Control} of {Lethal} {Autonomous} {Weapon} {Systems}},
    url = {https://tuprints.ulb.tu-darmstadt.de/id/eprint/9164},
    abstract = {In the discussion of lethal autonomous weapon systems (LAWS) in the expert forum of the Convention on Certain Conventional Weapons (CCW), the interpretation of crucial concepts such as autonomy and human control is decisive for the future direction of international hu- manitarian law. Starting from the perspective of a synthesis of Actor-Network Theory (ANT) and Value-Sensitive-Design (VSD), we aim to analyse the discourse of LAWS and ask for pos- sibilities to implement Meaningful Human Control.},
    booktitle = {{SCIENCE} {PEACE} {SECURITY} '19 - {Proceedings} of the {Interdisciplinary} {Conference} on {Technical} {Peace} and {Security} {Research}},
    publisher = {TUprints},
    author = {Schmid, Stefka and Riebe, Thea and Reuter, Christian},
    editor = {Reuter, Christian and Altmann, Jürgen and Göttsche, Malte and Himmel, Mirko},
    year = {2019},
    keywords = {Security, Student, Peace, Projekt-DualUse},
    pages = {196--200},
    }

  • Christian Reuter, Thea Riebe, Larissa Aldehoff, Marc-André Kaufhold, Thomas Reinhold (2019)
    Cyberwar zwischen Fiktion und Realität – technologische Möglichkeiten
    In: Ines-Jacqueline Werkner, Niklas Schörnig: Cyberwar – die Digitalisierung der Kriegsführung. Springer VS, , 15–38. doi:10.1007/978-3-658-27713-0
    [BibTeX] [Abstract] [Download PDF]

    Im Dezember 2017 wurde eine Invasion des deutschen Regierungsnetzwerks entdeckt; dieses vernetzt Bundesministerien und Behörden (vgl. Reinhold 2018a). Die Angreifer nutzten das Intranet der Hochschule des Bundes für öffentliche Verwaltung und der Bundesakademie für öffentliche Verwaltung als Einfallstor. Dieses ist der am wenigsten gesicherte Teil des Systems, da externe Teilnehmerinnen und Teilnehmer auch außerhalb der Einrichtung darauf zugreifen müssen, beispielsweise für Fortbildungen des Auswärtigen Amtes.

    @incollection{reuter_cyberwar_2019,
    title = {Cyberwar zwischen {Fiktion} und {Realität} – technologische {Möglichkeiten}},
    isbn = {978-3-658-27713-0},
    url = {https://peasec.de/paper/2019/2019_ReuterRiebeAldehoffKaufholdReinhold2019_CyberwarZwischenFiktionUndReal_Cyberwar.pdf},
    abstract = {Im Dezember 2017 wurde eine Invasion des deutschen Regierungsnetzwerks entdeckt; dieses vernetzt Bundesministerien und Behörden (vgl. Reinhold 2018a). Die Angreifer nutzten das Intranet der Hochschule des Bundes für öffentliche Verwaltung und der Bundesakademie für öffentliche Verwaltung als Einfallstor. Dieses ist der am wenigsten gesicherte Teil des Systems, da externe Teilnehmerinnen und Teilnehmer auch außerhalb der Einrichtung darauf zugreifen müssen, beispielsweise für Fortbildungen des Auswärtigen Amtes.},
    booktitle = {Cyberwar – die {Digitalisierung} der {Kriegsführung}},
    publisher = {Springer VS},
    author = {Reuter, Christian and Riebe, Thea and Aldehoff, Larissa and Kaufhold, Marc-André and Reinhold, Thomas},
    editor = {Werkner, Ines-Jacqueline and Schörnig, Niklas},
    year = {2019},
    doi = {10.1007/978-3-658-27713-0},
    keywords = {Security, Peace, Projekt-DualUse, Cyberwar},
    pages = {15--38},
    }

  • Thea Riebe, Christian Reuter (2019)
    Dual-Use in der IT: Bewertung in der Softwareentwicklung
    Wissenschaft & Frieden 2019-1: 2019.
    [BibTeX] [Abstract] [Download PDF]

    Der Einsatz von Informationstechnologie (IT) im Frieden ebenso wie in Konflikten und für Sicherheitszwecke wirft einige Fragen auf (Reuter 2019), u.a. ob die Nutzung von IT auf so genannte förderliche Zwecke und Anwendungen begrenzt und eine schädliche Nutzung verhindert werden kann (Riebe und Reuter 2019). Diese Ambivalenz wird als Dual-use-Dilemma bezeichnet und bedeutet, dass Gegenstände, Wissen und Technologie sowohl nützliche als auch schädliche Anwendung fi nden können. Dual-use-Fragen stellen sich in ganz unterschiedlichen technischen und naturwissenschaftlichen Disziplinen, insbesondere in der Nukleartechnologie sowie in der Chemie und Biologie. Dabei unterscheidet sich die Bedeutung von Dual-use je nach Technologie, ihren spezifi schen Risiken und Szenarien sowie ihrer Distribution und Anwendung. Konkret bedeutet dies: Sicherheitspolitische Risikoszenarien und Anwender der Nukleartechnologie unterscheiden sich erheblich von denen der IT.

    @techreport{riebe_dual-use_2019,
    address = {Wissenschaft \& Frieden 2019-1},
    title = {Dual-{Use} in der {IT}: {Bewertung} in der {Softwareentwicklung}},
    url = {http://www.peasec.de/paper/2019/2019_RiebeReuter_DualUse_WuF.pdf},
    abstract = {Der Einsatz von Informationstechnologie (IT) im Frieden ebenso wie in Konflikten und für Sicherheitszwecke wirft einige Fragen auf (Reuter 2019), u.a. ob die Nutzung von IT auf so genannte förderliche Zwecke und Anwendungen begrenzt und eine schädliche Nutzung verhindert werden kann (Riebe und Reuter 2019). Diese Ambivalenz wird als Dual-use-Dilemma bezeichnet und bedeutet, dass Gegenstände, Wissen und Technologie sowohl nützliche als auch schädliche Anwendung fi nden können. Dual-use-Fragen stellen sich in ganz unterschiedlichen technischen und naturwissenschaftlichen Disziplinen, insbesondere in der Nukleartechnologie sowie in der Chemie und Biologie. Dabei unterscheidet sich die Bedeutung von Dual-use je nach Technologie, ihren spezifi schen Risiken und Szenarien sowie ihrer Distribution und Anwendung. Konkret bedeutet dies: Sicherheitspolitische Risikoszenarien und Anwender der Nukleartechnologie unterscheiden sich erheblich von denen der IT.},
    author = {Riebe, Thea and Reuter, Christian},
    year = {2019},
    keywords = {Projekt-KontiKat, Peace, Projekt-DualUse},
    pages = {46--48},
    }

  • Christian Reuter, Konstantin Aal, Larissa Aldehoff, Jürgen Altmann, Johannes Buchmann, Ute Bernhardt, Kai Denker, Dominik Herrmann, Matthias Hollick, Stefan Katzenbeisser, Marc-André Kaufhold, Alfred Nordmann, Thomas Reinhold, Thea Riebe, Annette Ripper, Ingo Ruhmann, Klaus-Peter Saalbach, Niklas Schörnig, Ali Sunyaev, Volker Wulf (2019)
    The Future of IT in Peace and Security
    In: Christian Reuter: Information Technology for Peace and Security – IT-Applications and Infrastructures in Conflicts, Crises, War, and Peace. Wiesbaden, Germany: Springer Vieweg, , 405–413. doi:10.1007/978-3-658-25652-4_19
    [BibTeX] [Abstract] [Download PDF]

    Not only today, but also in the future information technology and the advances in the field of computer science will have a high relevance for peace and security. Naturally, a textbook like this can only cover a selective part of research and a certain point in time. Nonetheless, it can be attempted to identify trends, challenges and venture an outlook into the future. That is exactly what we want to achieve in this chapter: To predict fu-ture developments and try to classify them correctly. These considerations were made both by the editor and the authors involved alike. Therefore, an outlook based on fun-damentals, cyber conflicts and war, cyber peace, cyber arms control, infrastructures as well as social interaction is given.

    @incollection{reuter_future_2019,
    address = {Wiesbaden, Germany},
    title = {The {Future} of {IT} in {Peace} and {Security}},
    isbn = {978-3-658-25652-4},
    url = {https://www.springer.com/de/book/9783658256517},
    abstract = {Not only today, but also in the future information technology and the advances in the field of computer science will have a high relevance for peace and security. Naturally, a textbook like this can only cover a selective part of research and a certain point in time. Nonetheless, it can be attempted to identify trends, challenges and venture an outlook into the future. That is exactly what we want to achieve in this chapter: To predict fu-ture developments and try to classify them correctly. These considerations were made both by the editor and the authors involved alike. Therefore, an outlook based on fun-damentals, cyber conflicts and war, cyber peace, cyber arms control, infrastructures as well as social interaction is given.},
    booktitle = {Information {Technology} for {Peace} and {Security} - {IT}-{Applications} and {Infrastructures} in {Conflicts}, {Crises}, {War}, and {Peace}},
    publisher = {Springer Vieweg},
    author = {Reuter, Christian and Aal, Konstantin and Aldehoff, Larissa and Altmann, Jürgen and Buchmann, Johannes and Bernhardt, Ute and Denker, Kai and Herrmann, Dominik and Hollick, Matthias and Katzenbeisser, Stefan and Kaufhold, Marc-André and Nordmann, Alfred and Reinhold, Thomas and Riebe, Thea and Ripper, Annette and Ruhmann, Ingo and Saalbach, Klaus-Peter and Schörnig, Niklas and Sunyaev, Ali and Wulf, Volker},
    editor = {Reuter, Christian},
    year = {2019},
    doi = {10.1007/978-3-658-25652-4_19},
    keywords = {HCI, Projekt-CRISP, Projekt-CROSSING, Security, UsableSec, Peace},
    pages = {405--413},
    }

  • Christian Reuter, Larissa Aldehoff, Thea Riebe, Marc-André Kaufhold (2019)
    IT in Peace, Conflict, and Security Research
    In: Christian Reuter: Information Technology for Peace and Security – IT-Applications and Infrastructures in Conflicts, Crises, War, and Peace. Wiesbaden, Germany: Springer Vieweg, , 11–37. doi:10.1007/978-3-658-25652-4_2
    [BibTeX] [Abstract] [Download PDF]

    Advances in science and technology play a crucial role in the context of peace, conflict and security. As information technology (IT) is becoming omnipresent, this includes both the resilience of IT infrastructures e.g. as a target in cases of conflict and the role of IT applications to prevent and manage conflicts, crises and disasters. This chapter is an introduction to IT and its role in war and peace, in conflicts and crises as well as in safety and security. Based on those connections a new field of research has emerged: IT peace research. It is introduced in this chapter which provides an overview of the inter-disciplinary concepts of peace, conflict and security. In addition, the research disciplines computer science and peace and conflict studies as the basis of IT peace research are explained. Moreover, the chapter focuses on the specific research topics of IT peace research and presents the institutionalised research landscape in Germany.

    @incollection{reuter_it_2019,
    address = {Wiesbaden, Germany},
    title = {{IT} in {Peace}, {Conflict}, and {Security} {Research}},
    isbn = {978-3-658-25652-4},
    url = {https://www.springer.com/de/book/9783658256517},
    abstract = {Advances in science and technology play a crucial role in the context of peace, conflict and security. As information technology (IT) is becoming omnipresent, this includes both the resilience of IT infrastructures e.g. as a target in cases of conflict and the role of IT applications to prevent and manage conflicts, crises and disasters. This chapter is an introduction to IT and its role in war and peace, in conflicts and crises as well as in safety and security. Based on those connections a new field of research has emerged: IT peace research. It is introduced in this chapter which provides an overview of the inter-disciplinary concepts of peace, conflict and security. In addition, the research disciplines computer science and peace and conflict studies as the basis of IT peace research are explained. Moreover, the chapter focuses on the specific research topics of IT peace research and presents the institutionalised research landscape in Germany.},
    booktitle = {Information {Technology} for {Peace} and {Security} - {IT}-{Applications} and {Infrastructures} in {Conflicts}, {Crises}, {War}, and {Peace}},
    publisher = {Springer Vieweg},
    author = {Reuter, Christian and Aldehoff, Larissa and Riebe, Thea and Kaufhold, Marc-André},
    editor = {Reuter, Christian},
    year = {2019},
    doi = {10.1007/978-3-658-25652-4_2},
    keywords = {HCI, Projekt-CRISP, Security, Infrastructure, Peace},
    pages = {11--37},
    }

  • Thea Riebe, Christian Reuter (2019)
    Dual Use and Dilemmas for Cybersecurity, Peace and Technology Assessment
    In: Christian Reuter: Information Technology for Peace and Security – IT-Applications and Infrastructures in Conflicts, Crises, War, and Peace. Wiesbaden, Germany: Springer Vieweg, , 165–184. doi:10.1007/978-3-658-25652-4_8
    [BibTeX] [Abstract] [Download PDF]

    Dual-use in information technology is a pressing issue: how can we prevent, control or manage the risk of a harmful application of IT? How can dual-use awareness and regu-lation help to mitigate the risks to peace and security on the national and international level? As the cyberspace has been declared a military domain, IT is of increasing im-portance for civil and military infrastructures. How can researchers, developers and decision makers make sure that IT is not misused to cause harm? For nuclear, biological and chemical technologies this has been discussed as the dual-use problem. This chapter illustrates the approaches towards different dual-use concepts, how to conduct a tech-nology assessment and provides insight into the implementation of dual-use assessment guidelines at TU Darmstadt, the so-called Civil Clause.

    @incollection{riebe_dual_2019,
    address = {Wiesbaden, Germany},
    title = {Dual {Use} and {Dilemmas} for {Cybersecurity}, {Peace} and {Technology} {Assessment}},
    isbn = {978-3-658-25652-4},
    url = {https://www.springer.com/de/book/9783658256517},
    abstract = {Dual-use in information technology is a pressing issue: how can we prevent, control or manage the risk of a harmful application of IT? How can dual-use awareness and regu-lation help to mitigate the risks to peace and security on the national and international level? As the cyberspace has been declared a military domain, IT is of increasing im-portance for civil and military infrastructures. How can researchers, developers and decision makers make sure that IT is not misused to cause harm? For nuclear, biological and chemical technologies this has been discussed as the dual-use problem. This chapter illustrates the approaches towards different dual-use concepts, how to conduct a tech-nology assessment and provides insight into the implementation of dual-use assessment guidelines at TU Darmstadt, the so-called Civil Clause.},
    booktitle = {Information {Technology} for {Peace} and {Security} - {IT}-{Applications} and {Infrastructures} in {Conflicts}, {Crises}, {War}, and {Peace}},
    publisher = {Springer Vieweg},
    author = {Riebe, Thea and Reuter, Christian},
    editor = {Reuter, Christian},
    year = {2019},
    doi = {10.1007/978-3-658-25652-4_8},
    keywords = {Projekt-KontiKat, Projekt-CRISP, Peace, Projekt-DualUse},
    pages = {165--184},
    }

    2018

  • Marc-André Kaufhold, Christian Reuter, Thea Riebe, Elmar von Radziewski (2018)
    Design eines BCM-Dashboards für kleine und mittlere Unternehmen
    Mensch und Computer 2018: Workshopband Dresden, Germany.
    [BibTeX] [Abstract] [Download PDF]

    Business Continuity Management (BCM) ist definiert als ganzheitlicher Managementprozess, der poten-zielle Bedrohungen für Organisationen und die Auswirkungen ermittelt, sowie ein Gerüst zum Aufbau der Belastbarkeit einer Organisation bereitstellt. Bereits existierende Ansätze in der Forschung legen den Fokus allerdings auf große Konzerne, während die Umsetzung eines BCM-Konzepts für kleine und mittlere Unternehmen (KMU) oft an den knappen finanziellen und personellen Ressourcen, aber auch an der Komplexität des BCM scheitert. Um KMU bei der Implementierung eines an deren Bedürfnisse angepasstem BCM-Systems (BCMS) zu unterstützen, gibt es in der Forschung nur wenige Lösungsan-sätze. Dieser Artikel stellt auf Basis einer empirischen Studie, welche Umsetzungsfaktoren für BCM und Anforderungen für BCMS untersucht, das prototypische Design eines BCM-Dashboards vor, welches mit wenig Konfigurationsaufwand möglichst relevante externe und interne Gefahrenquellen in einer kom-pakten Übersicht darzustellen vermag.

    @inproceedings{kaufhold_design_2018,
    address = {Dresden, Germany},
    title = {Design eines {BCM}-{Dashboards} für kleine und mittlere {Unternehmen}},
    url = {https://dl.gi.de/bitstream/handle/20.500.12116/16796/Beitrag_453_final__a.pdf},
    abstract = {Business Continuity Management (BCM) ist definiert als ganzheitlicher Managementprozess, der poten-zielle Bedrohungen für Organisationen und die Auswirkungen ermittelt, sowie ein Gerüst zum Aufbau der Belastbarkeit einer Organisation bereitstellt. Bereits existierende Ansätze in der Forschung legen den Fokus allerdings auf große Konzerne, während die Umsetzung eines BCM-Konzepts für kleine und mittlere Unternehmen (KMU) oft an den knappen finanziellen und personellen Ressourcen, aber auch an der Komplexität des BCM scheitert. Um KMU bei der Implementierung eines an deren Bedürfnisse angepasstem BCM-Systems (BCMS) zu unterstützen, gibt es in der Forschung nur wenige Lösungsan-sätze. Dieser Artikel stellt auf Basis einer empirischen Studie, welche Umsetzungsfaktoren für BCM und Anforderungen für BCMS untersucht, das prototypische Design eines BCM-Dashboards vor, welches mit wenig Konfigurationsaufwand möglichst relevante externe und interne Gefahrenquellen in einer kom-pakten Übersicht darzustellen vermag.},
    booktitle = {Mensch und {Computer} 2018: {Workshopband}},
    publisher = {Gesellschaft für Informatik e.V.},
    author = {Kaufhold, Marc-André and Reuter, Christian and Riebe, Thea and von Radziewski, Elmar},
    editor = {Dachselt, Raimund and Weber, Gerhard},
    year = {2018},
    keywords = {Crisis, Projekt-KontiKat, HCI, Student, Infrastructure},
    pages = {579--586},
    }

  • Marc-André Kaufhold, Thea Riebe, Christian Reuter, Julian Hester, Danny Jeske, Lisa Knüver, Viktoria Richert (2018)
    Business Continuity Management in Micro Enterprises: Perception, Strategies and Use of ICT
    International Journal of Information Systems for Crisis Response and Management (IJISCRAM) ;10(1):1–19. doi:10.4018/IJISCRAM.2018010101
    [BibTeX] [Abstract] [Download PDF]

    Small and medium-sized enterprises (SMEs) represent 99\% of enterprises in Germany and more than 95\% in the European Union. Given the recent increase of natural disasters and man-made crises and emergencies, it seems an important economic goal to ascertain that SMEs are capable of maintaining their work, revenue and profit at an acceptable level. According to ISO 22301, business continuity management (BCM) is a holistic management process which identifies potential threats and their impact to an organization and serves as a framework to increase organizational resilience and response capabilities. Prior research identified that BCM is under-represented in SMEs and that their security level is partially in an uneconomical range. This article presents the analysis of interviews with 19 independent micro enterprises highlighting findings on their low crisis awareness, varying technical dependency, existing action strategies and communication strategies and proposing a categorization of micro enterprises as preventive technicians, data-intensive chains or pragmatic jumpers.

    @article{kaufhold_business_2018,
    title = {Business {Continuity} {Management} in {Micro} {Enterprises}: {Perception}, {Strategies} and {Use} of {ICT}},
    volume = {10},
    url = {http://www.peasec.de/paper/2018/2018_KaufholdRiebeReuteretal_BusinessContinuityManagementinMicroEnterprises_IJISCRAM.pdf},
    doi = {10.4018/IJISCRAM.2018010101},
    abstract = {Small and medium-sized enterprises (SMEs) represent 99\% of enterprises in Germany and more than 95\% in the European Union. Given the recent increase of natural disasters and man-made crises and emergencies, it seems an important economic goal to ascertain that SMEs are capable of maintaining their work, revenue and profit at an acceptable level. According to ISO 22301, business continuity management (BCM) is a holistic management process which identifies potential threats and their impact to an organization and serves as a framework to increase organizational resilience and response capabilities. Prior research identified that BCM is under-represented in SMEs and that their security level is partially in an uneconomical range. This article presents the analysis of interviews with 19 independent micro enterprises highlighting findings on their low crisis awareness, varying technical dependency, existing action strategies and communication strategies and proposing a categorization of micro enterprises as preventive technicians, data-intensive chains or pragmatic jumpers.},
    number = {1},
    journal = {International Journal of Information Systems for Crisis Response and Management (IJISCRAM)},
    author = {Kaufhold, Marc-André and Riebe, Thea and Reuter, Christian and Hester, Julian and Jeske, Danny and Knüver, Lisa and Richert, Viktoria},
    year = {2018},
    keywords = {Crisis, Projekt-KontiKat, Security, Student, Infrastructure, Cooperation, RSF, Projekt-MAKI},
    pages = {1--19},
    }

  • Thea Riebe, Katja Pätsch, Marc-André Kaufhold, Christian Reuter (2018)
    From Conspiracies to Insults: A Case Study of Radicalisation in Social Media Discourse
    Mensch und Computer 2018: Workshopband Dresden, Germany.
    [BibTeX] [Abstract] [Download PDF]

    Online radicalisation is often linked to discourses on social media. In this context, the question arises how populist online discourses radicalise in social media platforms. With a quantitative content analysis of supporters of the German party “Alternative für Deutschland (AfD)” and their contributions on Facebook between March 2014 and May 2017, this preliminary analysis illustrates how the discourse shifts from a dominantly neutral debate to insult-driven and dis-criminatory contributions. It provides insights into the dynamic of political social media dis-courses and shows a tendency of correlating language style and topics that can be further studied in Social Media Analytics.

    @inproceedings{riebe_conspiracies_2018,
    address = {Dresden, Germany},
    title = {From {Conspiracies} to {Insults}: {A} {Case} {Study} of {Radicalisation} in {Social} {Media} {Discourse}},
    url = {https://dl.gi.de/bitstream/handle/20.500.12116/16795/Beitrag_449_final__a.pdf},
    abstract = {Online radicalisation is often linked to discourses on social media. In this context, the question arises how populist online discourses radicalise in social media platforms. With a quantitative content analysis of supporters of the German party “Alternative für Deutschland (AfD)” and their contributions on Facebook between March 2014 and May 2017, this preliminary analysis illustrates how the discourse shifts from a dominantly neutral debate to insult-driven and dis-criminatory contributions. It provides insights into the dynamic of political social media dis-courses and shows a tendency of correlating language style and topics that can be further studied in Social Media Analytics.},
    booktitle = {Mensch und {Computer} 2018: {Workshopband}},
    publisher = {Gesellschaft für Informatik e.V.},
    author = {Riebe, Thea and Pätsch, Katja and Kaufhold, Marc-André and Reuter, Christian},
    editor = {Dachselt, Raimund and Weber, Gerhard},
    year = {2018},
    keywords = {Crisis, Projekt-KontiKat, HCI, Projekt-CRISP, Student, SocialMedia, Peace},
    pages = {595--603},
    }

  • Thea Riebe, Alfred Nordmann, Christian Reuter (2018)
    Responsible Research and Innovation: Interdisziplinärer Workshop von IANUS und Schader-Stiftung
    Wissenschaft & Frieden: 2018.
    [BibTeX] [Abstract] [Download PDF]

    Statt der Forschung ethische, rechtliche, gesellschaftliche Refl exion nur beizuge-sellen, verlangt Responsible Research and Innovation (RRI), dass sich Forschung an europäischen Werten – den Werten der Europäischen Union – orientiert. Um diese Öff nung zu gewährleisten, setzt RRI zunächst nicht auf spezifi sche Werte, sondern prozedural auf eine Forschung, die Folgen antizipiert, unterschiedliche Interessen und Wertvorstellungen inklu-diert, sich selbst refl ektiert und in die Verantwortung nehmen lässt. Doch was heißt das ?

    @techreport{riebe_responsible_2018,
    address = {Wissenschaft \& Frieden},
    title = {Responsible {Research} and {Innovation}: {Interdisziplinärer} {Workshop} von {IANUS} und {Schader}-{Stiftung}},
    url = {http://www.peasec.de/paper/2018/2018_RiebeNordmannReuter_RRI_WuF.pdf},
    abstract = {Statt der Forschung ethische, rechtliche, gesellschaftliche Refl exion nur beizuge-sellen, verlangt Responsible Research and Innovation (RRI), dass sich Forschung an europäischen Werten – den Werten der Europäischen Union – orientiert. Um diese Öff nung zu gewährleisten, setzt RRI zunächst nicht auf spezifi sche Werte, sondern prozedural auf eine Forschung, die Folgen antizipiert, unterschiedliche Interessen und Wertvorstellungen inklu-diert, sich selbst refl ektiert und in die Verantwortung nehmen lässt. Doch was heißt das ?},
    author = {Riebe, Thea and Nordmann, Alfred and Reuter, Christian},
    year = {2018},
    keywords = {Projekt-KontiKat, Projekt-CRISP, Peace, Projekt-DualUse},
    pages = {60--61},
    }

    Vorherige:

    Magdalena von Drachenfels, Thea Riebe (2017) Normative Ordnungen des Digitalen – Konferenzbericht, Frankfurt a.M.: sicherheitspolitik-blog.de

    Thea Riebe, Jens Geisse (2017) Warum die Cyber-Sicherheitskultur ein Update braucht, Frankfurt a.M.: sicherheitspolitik-blog.de, url

    Thea Riebe (2016) Sicherheit durch Überwachung, FIfF-Kommunikation(2), S. 11-13, pdf

    Thea Riebe (2014) Das Internet darf ein cyberfreier Raum sein, Frankfurt a.M.: sicherheitspolitik-blog.de