Philipp Kühn, M.Sc.
Research Associate / Doctoral Student
Contact: +49 (0) 6151 / 1620942 | kuehn(at)peasec.tu-darmstadt.de
Technical University of Darmstadt, Department of Computer Science,
Science and Technology for Peace and Security (PEASEC)
Pankratiusstraße 2, 64289 Darmstadt, Room 110
Online profiles: ORCID | Google Scholar
Philipp Kühn, M.Sc., is a research associate and doctoral student at the chair of Science and Technology for Peace and Security (PEASEC) in the Department of Computer Science of the Technical University of Darmstadt. He is currently involved in the SecUrban (2020-2023, BMBF+HMWK) and CYWARN (2020-2023, BMBF) projects. His research focuses on extracting information from public data sources, with a focus on IT security, and on preparing and further processing that information. For this purpose, he uses methods from Natural Language Processing as well as Deep Learning. He also conducts research on intergovernmental cooperation in the field of IT security.
He studied Computer Science (B.Sc.) at the Technical University of Darmstadt and specialized in IT Security (M.Sc.). Alongside his studies, he worked as a student research assistant at the Fraunhofer-Institut für Sichere Informationstechnologie in the areas of Privacy Enhancing Technologies and Distributed Ledger Technologies. As part of the Center for Educational Development and Technology, he offered further training with a focus on communication, social competence, self-organization and methodological competence.
Publications
Cryptography has become ubiquitous in communication technology and is considered a necessary part of information security. However, both the regulation to restrict access to cryptography, as well as practices to weaken or break encryption, are part of the States’ security policies. The United States (U.S.) regulate cryptography for export in international trade as a dual-use good. However, the regulation has been increasingly loosened and transferred to bilateral agreements with Information and Communication Technology companies. At the same time, the National Security Agency attempted to implement a government encryption standard to guarantee itself easier access to data, thus progressively expanding surveillance on non-U.S. citizens. In this paper, using comparative policy analysis, we examine the evolution of both security policies by tracing the historical development of U.S. regulation of cryptography as a dual-use good, and surveillance technologies, and practices used from the 1990s to today. We conclude that the impact of the dual-use regulation has affected the efficiency of surveillance technology, by loosening regulations only for mass communication services, thereby supporting the proliferation of surveillance intermediaries, while working on strategies to collaborate and exploit their coverage.
@article{riebe_us_2022,
title = {U.{S}. {Security} {Policy}: {The} {Dual}-{Use} {Regulation} of {Cryptography} and its {Effects} on {Surveillance}},
url = {https://link.springer.com/content/pdf/10.1007/s41125-022-00080-0.pdf},
doi = {10.1007/s41125-022-00080-0},
abstract = {Cryptography has become ubiquitous in communication technology and is considered a necessary part of information security. However, both the regulation to restrict access to cryptography, as well as practices to weaken or break encryption, are part of the States’ security policies. The United States (U.S.) regulate cryptography for export in international trade as a dual-use good. However, the regulation has been increasingly loosened and transferred to bilateral agreements with Information and Communication Technology companies. At the same time, the National Security Agency attempted to implement a government encryption standard to guarantee itself easier access to data, thus progressively expanding surveillance on non-U.S. citizens. In this paper, using comparative policy analysis, we examine the evolution of both security policies by tracing the historical development of U.S. regulation of cryptography as a dual-use good, and surveillance technologies, and practices used from the 1990s to today. We conclude that the impact of the dual-use regulation has affected the efficiency of surveillance technology, by loosening regulations only for mass communication services, thereby supporting the proliferation of surveillance intermediaries, while working on strategies to collaborate and exploit their coverage.},
journal = {European Journal for Security Research},
author = {Riebe, Thea and Kuehn, Philipp and Imperatori, Philipp and Reuter, Christian},
year = {2022},
keywords = {Projekt-ATHENE-SecUrban, Projekt-CYWARN, Projekt-CROSSING, Security, Student},
}
Security Operation Centers are tasked with collecting and analyzing cyber threat data from multiple sources to communicate warning messages and solutions. These tasks are extensive and resource consuming, which makes supporting approaches valuable to experts. However, to implement such approaches, information about the challenges these experts face while performing these tasks is necessary. We therefore conducted semi-structured expert interviews to identify these challenges. By doing so, valuable insights into these challenges based on expert knowledge are acquired, which in return could be leveraged to develop automated approaches to support experts and address these challenges.
@inproceedings{basyurt_help_2022,
address = {Nürnberg},
title = {Help {Wanted} - {Challenges} in {Data} {Collection}, {Analysis} and {Communication} of {Cyber} {Threats} in {Security} {Operation} {Centers}},
url = {http://www.peasec.de/paper/2022/2022_BasyourtFrommKuehnKaufholdMirabaie_HelpWantedChallengesDataCollectionAnalysisCommunication_WI.pdf},
abstract = {Security Operation Centers are tasked with collecting and analyzing cyber threat data from multiple sources to communicate warning messages and solutions. These tasks are extensive and resource consuming, which makes supporting approaches valuable to experts. However, to implement such approaches, information about the challenges these experts face while performing these tasks is necessary. We therefore conducted semi-structured expert interviews to identify these challenges. By doing so, valuable insights into these challenges based on expert knowledge is acquired, which in return could be leveraged to develop automated approaches to support experts and address these challenges.},
booktitle = {Proceedings of the {International} {Conference} on {Wirtschaftsinformatik} ({WI})},
author = {Basyurt, Ali Sercan and Fromm, Jennifer and Kuehn, Philipp and Kaufhold, Marc-André and Mirabaie, Milad},
year = {2022},
keywords = {Projekt-CYWARN, Security, Ranking-CORE-C},
}
Vulnerability databases are one of the main information sources for IT security experts. Hence, the quality of their information is of utmost importance for anyone working in this area. Previous work has shown that machine readable information is either missing, incorrect, or inconsistent with other data sources. In this paper, we introduce a system called Overt Vulnerability source ANAlysis (OVANA), utilizing state-of-the-art machine learning (ML) and natural-language processing (NLP) techniques, which analyzes the information quality (IQ) of vulnerability databases, searches the free-form description for relevant information missing from structured fields, and updates it accordingly. Our paper shows that OVANA is able to improve the IQ of the National Vulnerability Database by 51.23% based on the indicators of accuracy, completeness, and uniqueness. Moreover, we present information which should be incorporated into the structured fields to increase the uniqueness of vulnerability entries and improve the discriminability of different vulnerability entries. The identified information from OVANA enables a more targeted vulnerability search and provides guidance for IT security experts in finding relevant information in vulnerability descriptions for severity assessment.
@inproceedings{kuehn_ovana_2021,
title = {{OVANA}: {An} {Approach} to {Analyze} and {Improve} the {Information} {Quality} of {Vulnerability} {Databases}},
isbn = {978-1-4503-9051-4},
url = {https://peasec.de/paper/2021/2021_KuehnBayerWendelbornReuter_OVANAQualityVulnerabilityDatabases_ARES.pdf},
doi = {10.1145/3465481.3465744},
abstract = {Vulnerability databases are one of the main information sources for IT security experts. Hence, the quality of their information is of utmost importance for anyone working in this area. Previous work has shown that machine readable information is either missing, incorrect, or inconsistent with other data sources. In this paper, we introduce a system called Overt Vulnerability source ANAlysis (OVANA), utilizing state-of-the-art machine learning (ML) and natural-language processing (NLP) techniques, which analyzes the information quality (IQ) of vulnerability databases, searches the free-form description for relevant information missing from structured fields, and updates it accordingly. Our paper shows that OVANA is able to improve the IQ of the National Vulnerability Database by 51.23\% based on the indicators of accuracy, completeness, and uniqueness. Moreover, we present information which should be incorporated into the structured fields to increase the uniqueness of vulnerability entries and improve the discriminability of different vulnerability entries. The identified information from OVANA enables a more targeted vulnerability search and provides guidance for IT security experts in finding relevant information in vulnerability descriptions for severity assessment.},
booktitle = {Proceedings of the 16th {International} {Conference} on {Availability}, {Reliability} and {Security}},
publisher = {ACM},
author = {Kuehn, Philipp and Bayer, Markus and Wendelborn, Marc and Reuter, Christian},
year = {2021},
keywords = {Projekt-ATHENE-SecUrban, Projekt-CYWARN, Security, Peace, Ranking-CORE-B, AuswahlPeace},
pages = {1--11},
}
Despite the merits of digitisation in private and professional spaces, critical infrastructures and societies are increasingly exposed to cyberattacks. Thus, Computer Emergency Response Teams (CERTs) are deployed in many countries and organisations to enhance the preventive and reactive capabilities against cyberattacks. However, their tasks are getting more complex by the increasing amount and varying quality of information disseminated into public channels. Adopting the perspectives of Crisis Informatics and safety-critical Human-Computer Interaction (HCI) and based on both a narrative literature review and group discussions, this paper first outlines the research agenda of the CYWARN project, which seeks to design strategies and technologies for cross-platform cyber situational awareness and actor-specific cyber threat communication. Second, it identifies and elaborates eight research challenges with regard to the monitoring, analysis and communication of cyber threats in CERTs, which serve as a starting point for in-depth research within the project.
@inproceedings{kaufhold_cywarn_2021,
address = {Bonn},
series = {Mensch und {Computer} 2021 - {Workshopband}},
title = {{CYWARN}: {Strategy} and {Technology} {Development} for {Cross}-{Platform} {Cyber} {Situational} {Awareness} and {Actor}-{Specific} {Cyber} {Threat} {Communication}},
url = {https://peasec.de/paper/2021/2021_Kaufholdetal_CYWARN-CyberSituationalAwareness_MuC-WS.pdf},
doi = {10.18420/muc2021-mci-ws08-263},
abstract = {Despite the merits of digitisation in private and professional spaces, critical infrastructures and societies are increasingly exposed to cyberattacks. Thus, Computer Emergency Response Teams (CERTs) are deployed in many countries and organisations to enhance the preventive and reactive capabilities against cyberattacks. However, their tasks are getting more complex by the increasing amount and varying quality of information disseminated into public channels. Adopting the perspectives of Crisis Informatics and safety-critical Human-Computer Interaction (HCI) and based on both a narrative literature review and group discussions, this paper first outlines the research agenda of the CYWARN project, which seeks to design strategies and technologies for cross-platform cyber situational awareness and actor-specific cyber threat communication. Second, it identifies and elaborates eight research challenges with regard to the monitoring, analysis and communication of cyber threats in CERTs, which serve as a starting point for in-depth research within the project.},
booktitle = {Workshop-{Proceedings} {Mensch} und {Computer}},
publisher = {Gesellschaft für Informatik},
author = {Kaufhold, Marc-André and Fromm, Jennifer and Riebe, Thea and Mirbabaie, Milad and Kuehn, Philipp and Basyurt, Ali Sercan and Bayer, Markus and Stöttinger, Marc and Eyilmez, Kaan and Möller, Reinhard and Fuchß, Christoph and Stieglitz, Stefan and Reuter, Christian},
year = {2021},
keywords = {Projekt-CYWARN, Security},
}
Receiving relevant information on possible cyber threats, attacks, and data breaches in a timely manner is crucial for early response. The social media platform Twitter hosts an active cyber security community. Their activities are often monitored manually by security experts, such as Computer Emergency Response Teams (CERTs). We thus propose a Twitter-based alert generation system that issues alerts to a system operator as soon as new relevant cyber security related topics emerge. Thereby, our system allows us to monitor user accounts with significantly less workload. Our system applies a supervised classifier, based on active learning, that detects tweets containing relevant information. The results indicate that uncertainty sampling can reduce the amount of manual relevance classification effort and enhance the classifier performance substantially compared to random sampling. Our approach reduces the number of accounts and tweets that are needed for the classifier training, thus making the tool easily and rapidly adaptable to the specific context while also supporting data minimization for Open Source Intelligence (OSINT). Relevant tweets are clustered by a greedy stream clustering algorithm in order to identify significant events. The proposed system is able to work near real-time within the required 15-minute time frame and detects up to 93.8% of relevant events with a false alert rate of 14.81%.
@inproceedings{riebe_cysecalert_2021,
title = {{CySecAlert}: {An} {Alert} {Generation} {System} for {Cyber} {Security} {Events} {Using} {Open} {Source} {Intelligence} {Data}},
url = {https://peasec.de/paper/2021/2021_RiebeWirthBayerKuehnKaufholdKnautheGutheReuter_CySecAlertOpenSourceIntelligence_ICICS.pdf},
doi = {10.1007/978-3-030-86890-1_24},
abstract = {Receiving relevant information on possible cyber threats, attacks, and data breaches in a timely manner is crucial for early response. The social media platform Twitter hosts an active cyber security community. Their activities are often monitored manually by security experts, such as Computer Emergency Response Teams (CERTs). We thus propose a Twitter-based alert generation system that issues alerts to a system operator as soon as new relevant cyber security related topics emerge. Thereby, our system allows us to monitor user accounts with significantly less workload. Our system applies a supervised classifier, based on active learning, that detects tweets containing relevant information. The results indicate that uncertainty sampling can reduce the amount of manual relevance classification effort and enhance the classifier performance substantially compared to random sampling. Our approach reduces the number of accounts and tweets that are needed for the classifier training, thus making the tool easily and rapidly adaptable to the specific context while also supporting data minimization for Open Source Intelligence (OSINT). Relevant tweets are clustered by a greedy stream clustering algorithm in order to identify significant events. The proposed system is able to work near real-time within the required 15-minutes time frame and detects up to 93.8\% of relevant events with a false alert rate of 14.81\%.},
booktitle = {Information and {Communications} {Security}},
author = {Riebe, Thea and Wirth, Tristan and Bayer, Markus and Kuehn, Philipp and Kaufhold, Marc-André and Knauthe, Volker and Guthe, Stefan and Reuter, Christian},
year = {2021},
keywords = {Projekt-ATHENE-SecUrban, Projekt-CYWARN, Security, Student, UsableSec, Ranking-CORE-B},
pages = {429--446},
}
Smart cities aim at improving efficiency while providing safety and security by merging conventional infrastructures with information and communication technology. One strategy for mitigating hazardous situations and improving the overall resilience of the system is to involve citizens. For instance, smart grids involve prosumers – capable of producing and consuming electricity – who can adjust their electricity profile dynamically (i.e., decrease or increase electricity consumption), or use their local production to supply electricity to the grid. This mitigates the impact of peak-consumption periods on the grid and makes it easier for operators to control the grid. This involvement of prosumers is accompanied by numerous socio-technical challenges, including motivating citizens to contribute by adjusting their electricity consumption to the requirements of the energy grid. Towards this end, this work investigates motivational strategies and tools, including nudging, persuasive technologies, and incentives, that can be leveraged to increase the motivation of citizens. We discuss long-term and side effects and ethical and privacy considerations, before portraying bug bounty programs, gamification and apps as technologies and strategies to communicate the motivational strategies to citizens.
@article{egert_towards_2021,
series = {i-com},
title = {Towards {Resilient} {Critical} {Infrastructures} - {Motivating} {Users} to {Contribute} to {Smart} {Grid} {Resilience}},
volume = {20},
doi = {10.1515/icom-2021-0021},
abstract = {Smart cities aim at improving efficiency while providing safety and security by merging conventional infrastructures with information and communication technology. One strategy for mitigating hazardous situations and improving the overall resilience of the system is to involve citizens. For instance, smart grids involve prosumers - capable of producing and consuming electricity - who can adjust their electricity profile dynamically (i.e., decrease or increase electricity consumption), or use their local production to supply electricity to the grid. This mitigates the impact of peak-consumption periods on the grid and makes it easier for operators to control the grid. This involvement of prosumers is accompanied by numerous socio-technical challenges, including motivating citizens to contribute by adjusting their electricity consumption to the requirements of the energy grid. Towards this end, this work investigates motivational strategies and tools, including nudging, persuasive technologies, and incentives, that can be leveraged to increase the motivation of citizens. We discuss long-term and side effects and ethical and privacy considerations, before portraying bug bounty programs, gamification and apps as technologies and strategies to communicate the motivational strategies to citizens.},
number = {2},
journal = {i-com - Journal of Interactive Media},
author = {Egert, Rolf and Gerber, Nina and Haunschild, Jasmin and Kuehn, Philipp and Zimmermann, Verena},
year = {2021},
keywords = {Projekt-ATHENE-SecUrban, Projekt-CYWARN, Security, Infrastructure, Projekt-emergenCITY},
pages = {161--175},
}
Threats in cyberspace have increased in recent years due to the increment of offensive capabilities by states. Approaches to mitigate the security dilemma in cyberspace within the UN are deadlocked, as states have not been able to achieve agreements. However, from the perspective of IT-Security, there are Cyber Threat Intelligence (CTI) platforms to share and analyze cyber threats for a collective crisis management. To investigate whether or not CTI platforms can be used as a confidence-building measure between states and international organizations, we portray current CTI platforms, showcase political requirements, and answer the question of how CTI communication may contribute to confidence-building in international affairs. Our results suggest the need to further develop analytical capabilities, as well as the implementation of a broad social, political, and legal environment for international CTI sharing.
@article{kuehn_sharing_2020,
title = {Sharing of {Cyber} {Threat} {Intelligence} between {States}},
volume = {38},
url = {http://www.peasec.de/paper/2020/2020_KuehnRiebeApeltJansenReuter_SharingCyberThreatIntelligence_SF.pdf},
doi = {10.5771/0175-274X-2020-1-22},
abstract = {Threats in cyberspace have increased in recent years due to the increment of offensive capabilities by states. Approaches to mitigate the security dilemma in cyberspace within the UN are deadlocked, as states have not been able to achieve agreements. However, from the perspective of IT-Security, there are Cyber Threat Intelligence (CTI) platforms to share and analyze cyber threats for a collective crisis management. To investigate, whether or not CTI platforms can be used as a confidence-building measure between states and international organizations, we portray current CTI platforms, showcase political requirements, and answer the question of how CTI communication may contribute to confidence-building in international affairs. Our results suggest the need to further develop analytical capabilities, as well as the implementation of a broad social, political, and legal environment for international CTI sharing.},
number = {1},
journal = {S+F Sicherheit und Frieden / Peace and Security},
author = {Kuehn, Philipp and Riebe, Thea and Apelt, Lynn and Jansen, Max and Reuter, Christian},
year = {2020},
keywords = {Projekt-ATHENE-SecUrban, Projekt-CYWARN, Security, Student, Peace, Projekt-DualUse, Cyberwar},
pages = {22--28},
}