Publications

Markus Huber and Martin Mulazzani and Edgar R. Weippl, "Who On Earth Is Mr. Cypher? Automated Friend Injection Attacks on Social Networking Sites," in Proceedings of the IFIP International Information Security Conference 2010: Security \& Privacy — Silver Linings in the Cloud, 2010. BibTeX | PDF

@inproceedings{Huber_FriendInjectionAttacks_2010, Author = {Markus Huber and Martin Mulazzani and {Edgar R. } Weippl}, title = {Who On Earth Is Mr. Cypher? Automated Friend Injection Attacks on Social Networking Sites}, booktitle = {Proceedings of the IFIP International Information Security Conference 2010: Security \& Privacy --- Silver Linings in the Cloud}, year = {2010}, pdf = {sec2010-friendInjection_preprint.pdf} }
Stefan Fenz, "Ontology-based Generation of IT-Security Metrics," in Proceedings of the 2010 ACM Symposium on Applied Computing, 2010, pp. 1833-1839. BibTeX | PDF

@INPROCEEDINGS{Fenz2010, Pdf = {2010FenzOntologybasedGenerationMetrics.pdf}, author = {Stefan Fenz}, title = {Ontology-based Generation of {IT}-Security Metrics}, booktitle = {Proceedings of the 2010 ACM Symposium on Applied Computing}, year = {2010}, pages = {1833-1839} }
Martin Mulazzani and Markus Huber and Edgar Weippl, "Anonymity \& Monitoring: How to Monitor the Infrastructure of an Anonymity System," in IEEE Transactions on Systems, Man, and Cybernetics, Part C: Applications and Reviews, 2010. BibTeX

@INPROCEEDINGS{Mulazzani_TorMonitoringInfrastructure_2010, Author = {Martin Mulazzani and Markus Huber and Edgar Weippl}, title = {Anonymity \& Monitoring: How to Monitor the Infrastructure of an Anonymity System}, booktitle = {IEEE Transactions on Systems, Man, and Cybernetics, Part C: Applications and Reviews}, year = {2010} }
Tobias Lauinger and Veikko Pankakoski and Engin Kirda, "Honeybot, Your Man in the Middle for Automated Social Engineering," in Proceedings of the 3rd USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET 2010), 2010. BibTeX | PDF

@inproceedings{Lauinger_Honeybot2010, title = {Honeybot, Your Man in the Middle for Automated Social Engineering}, author = {Tobias Lauinger and Veikko Pankakoski and Engin Kirda}, year = {2010}, booktitle = {Proceedings of the 3rd USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET 2010)}, pdf = {autosoc-leet2010.pdf} }
Gilbert Wondracek and Thorsten Holz and Christian Platzer and Engin Kirda and Christopher Kruegel, "Is the Internet for Porn? An Insight into the Online Adult Industry," in Proceedings of the Ninth Workshop on the Economics of Information Security (WEIS 2010), 2010. BibTeX | PDF

@inproceedings{Wondracek_InternetPorn2010, title = {Is the Internet for Porn? An Insight into the Online Adult Industry}, author = {Gilbert Wondracek and Thorsten Holz and Christian Platzer and Engin Kirda and Christopher Kruegel}, year = {2010}, booktitle = {Proceedings of the Ninth Workshop on the Economics of Information Security (WEIS 2010)}, pdf = {weis2010_wondracek.pdf} }

View all publications

Stefan Fenz, "Ontology-based Generation of IT-Security Metrics," in Proceedings of the 2010 ACM Symposium on Applied Computing, 2010, pp. 1833-1839. BibTeX | PDF

@INPROCEEDINGS{Fenz2010, Pdf = {2010FenzOntologybasedGenerationMetrics.pdf}, author = {Stefan Fenz}, title = {Ontology-based Generation of {IT}-Security Metrics}, booktitle = {Proceedings of the 2010 ACM Symposium on Applied Computing}, year = {2010}, pages = {1833-1839} }
Edgar R. Weippl, "Data Warehousing Design and Advanced Engineering Applications: Methods for Complex Construction." , 2010, pp. 272-279. BibTeX | PDF

@INBOOK{Weippl_SecurityinDataWarehouses_2010, Pdf = {weippl_arh_securityDWH.pdf}, pages = {272--279}, title = {Data Warehousing Design and Advanced Engineering Applications: Methods for Complex Construction}, year = {2010}, author = {{Edgar R.} Weippl} }
Nicolas Racz and Andreas Seufert and Edgar R. Weippl, "Role of Learning Styles \& Affective States in Web-based Adaptive Learning Environments," in Proceedings of ED-MEDIA, 2010. BibTeX | PDF

@INPROCEEDINGS{weippl_bzzf_2010_Racz, Author = {Nicolas Racz and Andreas Seufert and {Edgar R. } Weippl}, title = {A process model for integrated IT governance, risk, and compliance management}, booktitle = {Proceedings of the Ninth Conference on Databases and Information Systems (DB\&IS 2010)}, year = {2010}, pdf = {Papers\Weippl\bzzf_2010_Racz.pdf}, title = {Role of Learning Styles \& Affective States in Web-based Adaptive Learning Environments}, booktitle = {Proceedings of ED-MEDIA}, year = {2010}, pdf = {Papers\Weippl\bzzh_2010_learningStyles_EDMEDIA.pdf} }
Nicolas Racz and Andreas Seufert and Edgar R. Weippl, "A Frame of Reference for Research of Integrated Governance, Risk \& Compliance (GRC)," in Proceedings of IFIP CMS 2010, 2010. BibTeX | PDF

@INPROCEEDINGS{weippl_bzze_2010_CMS_Racz, Author = {Nicolas Racz and Andreas Seufert and {Edgar R. } Weippl}, title = {A Frame of Reference for Research of Integrated Governance, Risk \& Compliance (GRC)}, booktitle = {Proceedings of IFIP CMS 2010}, year = {2010}, pdf = {Papers\Weippl\bzze_2010_CMS_Racz.pdf} }
Markus Huber and Martin Mulazzani and Edgar R. Weippl, "Who On Earth Is Mr. Cypher? Automated Friend Injection Attacks on Social Networking Sites," in Proceedings of the IFIP International Information Security Conference 2010: Security \& Privacy — Silver Linings in the Cloud, 2010. BibTeX | PDF

@inproceedings{Huber_FriendInjectionAttacks_2010, Author = {Markus Huber and Martin Mulazzani and {Edgar R. } Weippl}, title = {Who On Earth Is Mr. Cypher? Automated Friend Injection Attacks on Social Networking Sites}, booktitle = {Proceedings of the IFIP International Information Security Conference 2010: Security \& Privacy --- Silver Linings in the Cloud}, year = {2010}, pdf = {sec2010-friendInjection_preprint.pdf} }
Ulrich Bayer and Engin Kirda and Christopher Kruegel, "Improving the Efficiency of Dynamic Malware Analysis," in 25th Symposium On Applied Computing (SAC), Track on Information Security Research and Applications, 2010. BibTeX | PDF

@INPROCEEDINGS{Bayer_ImprovingEfficiencyof_2010, Pdf = {Bayer_ImprovingEfficiencyof_2010.pdf}, author = {Ulrich Bayer and Engin Kirda and Christopher Kruegel}, title = {Improving the Efficiency of Dynamic Malware Analysis}, booktitle = {25th Symposium On Applied Computing (SAC), Track on Information Security Research and Applications}, year = {2010} }
Clemens Kolbitsch and Thorsten Holz and Christopher Kruegel and Engin Kirda, "Inspector Gadget: Automated Extraction of Proprietary Gadgets from Malware Binaries," in IEEE Security and Privacy 2010, 2010. BibTeX

@INPROCEEDINGS{Kolbitsch_AutomatedExtraction_2010, Author = {Clemens Kolbitsch and Thorsten Holz and Christopher Kruegel and Engin Kirda}, title = {Inspector Gadget: Automated Extraction of Proprietary Gadgets from Malware Binaries}, booktitle = {IEEE Security and Privacy 2010}, year = {2010} }
Martin Mulazzani and Markus Huber and Edgar R. Weippl, "Tor HTTP usage and information leakage," in Proceedings of IFIP CMS 2010, 2010, p. i245-255. BibTeX | PDF

@inproceedings{Huber_TorHTTPUsageInformationLeakage_2010, Author = {Martin Mulazzani and Markus Huber and {Edgar R. } Weippl}, title = {Tor HTTP usage and information leakage }, booktitle = {Proceedings of IFIP CMS 2010}, pages = {i245--255}, year = {2010}, pdf = {2010 - Huber - Tor HTTP Usage.pdf} }
Manuel Egele and Leyla Bilge and Engin Kirda and Christopher Kruegel, "CAPTCHA Smuggling: Hijacking Web Browsing Sessions to Create CAPTCHA Farms," in 25th Symposium On Applied Computing (SAC), Track on Information Security Research and Applications,, 2010. BibTeX

@INPROCEEDINGS{Egele_CAPTCHASmugglingHijacking_2010, Author = {Manuel Egele and Leyla Bilge and Engin Kirda and Christopher Kruegel}, title = {CAPTCHA Smuggling: Hijacking Web Browsing Sessions to Create CAPTCHA Farms}, booktitle = {25th Symposium On Applied Computing (SAC), Track on Information Security Research and Applications,}, year = {2010} }
Tobias Lauinger and Veikko Pankakoski and Engin Kirda, "Honeybot, Your Man in the Middle for Automated Social Engineering," in Proceedings of the 3rd USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET 2010), 2010. BibTeX | PDF

@inproceedings{Lauinger_Honeybot2010, title = {Honeybot, Your Man in the Middle for Automated Social Engineering}, author = {Tobias Lauinger and Veikko Pankakoski and Engin Kirda}, year = {2010}, booktitle = {Proceedings of the 3rd USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET 2010)}, pdf = {autosoc-leet2010.pdf} }
Martin Mulazzani and Markus Huber and Edgar Weippl, "Anonymity \& Monitoring: How to Monitor the Infrastructure of an Anonymity System," in IEEE Transactions on Systems, Man, and Cybernetics, Part C: Applications and Reviews, 2010. BibTeX

@INPROCEEDINGS{Mulazzani_TorMonitoringInfrastructure_2010, Author = {Martin Mulazzani and Markus Huber and Edgar Weippl}, title = {Anonymity \& Monitoring: How to Monitor the Infrastructure of an Anonymity System}, booktitle = {IEEE Transactions on Systems, Man, and Cybernetics, Part C: Applications and Reviews}, year = {2010} }
Markus Huber and Martin Mulazzani and Edgar Weippl, "Social Networking Sites Security: Quo Vadis," in Proceedings of the 1st International Workshop on Privacy Aspects of Social Web and Cloud Computing (PASWeb-2010), 2010. BibTeX

@inproceedings{Huber_SocialNetworkQuoVadis2010, Author = {Markus Huber and Martin Mulazzani and Edgar Weippl}, title = {Social Networking Sites Security: Quo Vadis}, booktitle = {Proceedings of the 1st International Workshop on Privacy Aspects of Social Web and Cloud Computing (PASWeb-2010)}, year = {2010} }
Markus Huber and Martin Mulazzani and Edgar Weippl and Gerhard Kitzler and Sigrun Goluch, "Friend-in-the-middle Attacks," 2010. BibTeX | PDF

@TechReport{fitm10, Author = {Markus Huber and Martin Mulazzani and Edgar Weippl and Gerhard Kitzler and Sigrun Goluch}, year = {2010}, title = {Friend-in-the-middle Attacks}, pdf = {FITM_TR-SBA-Research-0710-01.pdf} }
Gilbert Wondracek and Thorsten Holz and Christian Platzer and Engin Kirda and Christopher Kruegel, "Is the Internet for Porn? An Insight into the Online Adult Industry," in Proceedings of the Ninth Workshop on the Economics of Information Security (WEIS 2010), 2010. BibTeX | PDF

@inproceedings{Wondracek_InternetPorn2010, title = {Is the Internet for Porn? An Insight into the Online Adult Industry}, author = {Gilbert Wondracek and Thorsten Holz and Christian Platzer and Engin Kirda and Christopher Kruegel}, year = {2010}, booktitle = {Proceedings of the Ninth Workshop on the Economics of Information Security (WEIS 2010)}, pdf = {weis2010_wondracek.pdf} }
Paolo Milani Comparetti and Guido Salvaneschi and Clemens Kolbitsch and Christopher Kruegel and Engin Kirda and Stefano Zanero, "Identifying Dormant Functionality in Malware Programs," in IEEE Security and Privacy 2010, 2010. BibTeX

@INPROCEEDINGS{Milani_IdentifyingDormantFunctionalityMalware_2010, Author = {{Paolo Milani} Comparetti and Guido Salvaneschi and Clemens Kolbitsch and Christopher Kruegel and Engin Kirda and Stefano Zanero}, title = {Identifying Dormant Functionality in Malware Programs}, booktitle = {IEEE Security and Privacy 2010}, year = {2010} }
Peter Fruehwirt and Markus Huber and Martin Mulazzani and Edgar Weippl, "InnoDB Database Forensics," in Proceedings of the 24th International Conference on Advanced Information Networking and Applications (AINA 2010), 2010. BibTeX | PDF

@INPROCEEDINGS{Fruehwirt_InnoDBForensics_2010, Author = {Peter Fruehwirt and Markus Huber and Martin Mulazzani and Edgar Weippl}, title = {InnoDB Database Forensics}, booktitle = {Proceedings of the 24th International Conference on Advanced Information Networking and Applications (AINA 2010)}, year = {2010}, pdf = {AINA2010-InnoDBforensics_preprint.pdf} }
Thomas Neubauer, "An Empirical Study about the Status of Business Process Management," Business Process Management Journal, pp. 166-183, 2009. BibTeX

@ARTICLE{Neubauer_EmpiricalStudyabout_2009, Author = {Thomas Neubauer}, title = {An Empirical Study about the Status of Business Process Management}, journal = {Business Process Management Journal}, year = {2009}, pages = {166-183} }
Stefan Fenz and A Min Tjoa and Marcus Hudec, "Ontology-based Generation of Bayesian Networks," in International Conference on Complex, Intelligent and Software Intensive Systems, 2009. CISIS ’09., 2009, pp. 712-717. BibTeX | PDF

@INPROCEEDINGS{Fenz_OntologybasedGenerationof_2009, Pdf = {2009 - Fenz - Ontology-based Generation of Bayesian Networks.pdf}, author = {Stefan Fenz and {A Min} Tjoa and Marcus Hudec}, title = {Ontology-based Generation of {Bayesian} Networks}, booktitle = {International Conference on Complex, Intelligent and Software Intensive Systems, 2009. CISIS '09.}, year = {2009}, pages = {712-717} }
Johannes Heurix and Thomas Neubauer, "Massenpseudonymisierung von persönlichen medizinischen Daten," in DACH Security, 2009. BibTeX

@INPROCEEDINGS{Heurix_Massenpseudonymisierungvonpersoenlichen_2009, Author = {Johannes Heurix and Thomas Neubauer}, title = {Massenpseudonymisierung von pers{\"o}nlichen medizinischen Daten}, booktitle = {DACH Security}, year = {2009} }
Manuel Egele and Christopher Kruegel and Engin Kirda, "Prospex: Protocol Specification Extraction," in 18th European Institute for Computer Antivirus Research, 2009. BibTeX | PDF

@INPROCEEDINGS{Egele_ProspexProtocolSpecification_2009, Pdf = {Egele_ProspexProtocolSpecification_2009.pdf}, author = {Manuel Egele and Christopher Kruegel and Engin Kirda}, title = {Prospex: Protocol Specification Extraction}, booktitle = {18th European Institute for Computer Antivirus Research}, year = {2009} }
Manuel Egele and Christopher Kruegel and Engin Kirda, "Removing Web Spam Links from Search Engine Results," in 31st International Conference on Software Engineering (ICSE), 2009. BibTeX | PDF

@INPROCEEDINGS{Egele_RemovingWebSpam_2009, Pdf = {Egele_RemovingWebSpam_2009.pdf}, author = {Manuel Egele and Christopher Kruegel and Engin Kirda}, title = {Removing Web Spam Links from Search Engine Results}, booktitle = {31st International Conference on Software Engineering (ICSE)}, year = {2009} }
Manuel Egele and Engin Kirda and Christopher Kruegel, "Mitigating Drive-by Download Attacks: Challenges and Open Problems," in Open Research Problems in Network Security Workshop, 2009. BibTeX | PDF

@INPROCEEDINGS{Egele_MitigatingDrivebyDownload_2009, Pdf = {Egele_MitigatingDrivebyDownload_2009.pdf}, author = {Manuel Egele and Engin Kirda and Christopher Kruegel}, title = {Mitigating Drive-by Download Attacks: Challenges and Open Problems}, booktitle = {Open Research Problems in Network Security Workshop}, year = {2009} }
J. Heurix and T. Neubauer and T. Mueck, "Zentralisierte Pseudonymisierung von medizinischen Patientendaten," in Tagungsband e-Health 2009, 2009. BibTeX

@INPROCEEDINGS{Heurix_ZentralisiertePseudonymisierungvon_2009, Author = {J. Heurix and T. Neubauer and T. Mueck}, title = {Zentralisierte Pseudonymisierung von medizinischen Patientendaten}, booktitle = {Tagungsband e-Health 2009}, year = {2009}, journal = {Tagungsband e-Health 2009} }
Martin Mulazzani and Edgar Weippl, "Aktuelle Herausforderungen in der Datenbankforensik," in 7th Information Security Konferenz in Krems, 2009. BibTeX | PDF

@INPROCEEDINGS{Mulazzani_AktuelleHerausforderungenin_2009, Pdf = {Mulazzani_AktuelleHerausforderungenin_2009.pdf}, author = {Martin Mulazzani and Edgar Weippl}, title = {Aktuelle Herausforderungen in der Datenbankforensik}, booktitle = {7th Information Security Konferenz in Krems}, year = {2009} }
Mohammad Tabatabai Irani and Edgar R. Weippl, "Automation Of Post-Exploitation," in Proceedings of International Conference on Security Technology (SecTech 2009), 2009. BibTeX | PDF

@INPROCEEDINGS{TabatabaiIrani_AutomationOfPostExploitation_2009, Pdf = {TabatabaiIrani_AutomationOfPostExploitation_2009.pdf}, author = {Mohammad {Tabatabai Irani} and {Edgar R.} Weippl}, title = {Automation Of Post-Exploitation}, booktitle = {Proceedings of International Conference on Security Technology (SecTech 2009)}, year = {2009} }
Clemens Kolbitsch and Paolo Milani Comparetti and Christopher Kruegel and Engin Kirda, "Automated Spyware Collection and Analysis," in Information Security Conference, 2009. BibTeX | PDF

@INPROCEEDINGS{Kolbitsch_AutomatedSpywareCollection_2009, Pdf = {Kolbitsch_AutomatedSpywareCollection_2009.pdf}, author = {Clemens Kolbitsch and {Paolo Milani} Comparetti and Christopher Kruegel and Engin Kirda}, title = {Automated Spyware Collection and Analysis}, booktitle = {Information Security Conference}, year = {2009} }
Andreas Ekelhart and Thomas Neubauer and Stefan Fenz, "Automated Risk and Utility Management," in 2009 Sixth International Conference on Information Technology: New Generations, 2009, pp. 393-398. BibTeX | PDF

@INPROCEEDINGS{Ekelhart_AutomatedRiskand_2009, Pdf = {2009 - Ekelhart - Automated Risk and Utility Management.pdf}, author = {Andreas Ekelhart and Thomas Neubauer and Stefan Fenz}, title = {Automated Risk and Utility Management}, booktitle = {2009 Sixth International Conference on Information Technology: New Generations}, year = {2009}, pages = {393-398} }
Stefan Fenz and Andreas Ekelhart, "Formalizing Information Security Knowledge," in Proceedings of the 4th ACM Symposium on Information, Computer, and Communications Security, 2009, pp. 183-194. BibTeX | PDF

@INPROCEEDINGS{Fenz_FormalizingInformationSecurity_2009, Pdf = {2009 - Fenz - Formalizing Information Security Knowledge.pdf}, author = {Stefan Fenz and Andreas Ekelhart}, title = {Formalizing Information Security Knowledge}, booktitle = {Proceedings of the 4th ACM Symposium on Information, Computer, and Communications Security}, year = {2009}, pages = {183-194} }
Stefan Fenz and Andreas Ekelhart and Thomas Neubauer, "Business Process-based Resource Importance Determination," in Proceedings of the 7th International Conference on Business Process Management (BPM’2009), 2009, pp. 113-127. BibTeX | PDF

@INPROCEEDINGS{Fenz_BusinessProcessbasedResource_2009, Pdf = {2009 - Fenz - Business Process-based Resource Importance Determination.pdf}, author = {Stefan Fenz and Andreas Ekelhart and Thomas Neubauer}, title = {Business Process-based Resource Importance Determination}, booktitle = {Proceedings of the 7th International Conference on Business Process Management (BPM'2009)}, year = {2009}, pages = {113-127} }
Andreas Ekelhart and Stefan Fenz and Thomas Neubauer, "Ontology-based Decision Support for Information Security Risk Management," in International Conference on Systems, 2009. ICONS 2009., 2009, pp. 80-85. BibTeX | PDF

@INPROCEEDINGS{Ekelhart_OntologybasedDecisionSupport_2009, Pdf = {2009 - Ekelhart - Ontology-based Decision Support for Information Security Risk Management.pdf}, author = {Andreas Ekelhart and Stefan Fenz and Thomas Neubauer}, title = {Ontology-based Decision Support for Information Security Risk Management}, booktitle = {International Conference on Systems, 2009. ICONS 2009.}, year = {2009}, pages = {80-85} }
Andreas Ekelhart and Stefan Fenz and Thomas Neubauer, "AURUM: A Framework for Supporting Information Security Risk Management," in Proceedings of the 42nd Hawaii International Conference on System Sciences, HICSS2009, 2009, pp. 1-10. BibTeX | PDF

@INPROCEEDINGS{Ekelhart_AURUMFrameworkSupporting_2009, Pdf = {2009 - Ekelhart - AURUM A Framework for Information Security Risk Management.pdf}, author = {Andreas Ekelhart and Stefan Fenz and Thomas Neubauer}, title = {AURUM: A Framework for Supporting Information Security Risk Management}, booktitle = {Proceedings of the 42nd Hawaii International Conference on System Sciences, HICSS2009}, year = {2009}, pages = {1-10} }
Brett Stone-Gross and Andreas Moser and Christopher Kruegel and Kevin Almaroth and Engin Kirda, "FIRE: FInding Rogue nEtworks," in 25th Annual Computer Security Applications Conference (ACSAC), 2009. BibTeX | PDF

@INPROCEEDINGS{StoneGross_FIREFIndingRogue_2009, Pdf = {StoneGross_FIREFIndingRogue_2009.pdf}, author = {Brett Stone-Gross and Andreas Moser and Christopher Kruegel and Kevin Almaroth and Engin Kirda}, title = {FIRE: FInding Rogue nEtworks}, booktitle = {25th Annual Computer Security Applications Conference (ACSAC)}, year = {2009} }
Stefan Fenz and Thomas Pruckner and Arman Manutscheri, "Ontological Mapping of Information Security Best-Practice Guidelines," in Business Information Systems, 12th International Conference on Business Information Systems, BIS 2009, 2009. BibTeX | PDF

@INPROCEEDINGS{Fenz_OntologicalMappingof_2009, Pdf = {2009 - Fenz - Ontological Mapping of Information Security Best-Practice Guidelines.pdf}, author = {Stefan Fenz and Thomas Pruckner and Arman Manutscheri}, title = {Ontological Mapping of Information Security Best-Practice Guidelines}, booktitle = {Business Information Systems, 12th International Conference on Business Information Systems, BIS 2009}, year = {2009} }
Stefan Fenz and Thomas Neubauer, "How to Determine Threat Probabilities Using Ontologies and Bayesian Networks," in CSIIRW ’09: Proceedings of the 5th Annual Workshop on Cyber Security and Information Intelligence Research, 2009. BibTeX | PDF

@INPROCEEDINGS{Fenz_HowtoDetermine_2009, Pdf = {2009 - Fenz - How to Determine Threat Probabilities Using Ontologies and Bayesian Networks.pdf}, author = {Stefan Fenz and Thomas Neubauer}, title = {How to Determine Threat Probabilities Using Ontologies and Bayesian Networks}, booktitle = {CSIIRW '09: Proceedings of the 5th Annual Workshop on Cyber Security and Information Intelligence Research}, year = {2009} }
Andreas Ekelhart and Stefan Fenz and Thomas Neubauer, "Ontologiebasiertes IT Risikomanagement," in D.A.CH Security 2009, 2009, pp. 14-24. BibTeX | PDF

@INPROCEEDINGS{Ekelhart_OntologiebasiertesITRisikomanagement_2009, Pdf = {2009 - Ekelhart - Ontologiebasiertes IT Risikomanagement.pdf}, author = {Andreas Ekelhart and Stefan Fenz and Thomas Neubauer}, title = {Ontologiebasiertes IT Risikomanagement}, booktitle = {D.A.CH Security 2009}, year = {2009}, pages = {14-24} }
Thomas Neubauer and Christian Stummer, "Interaktive Portfolioauswahl im IT-Servicemanagement," HMD – Praxis der Wirtschaftsinformatik, pp. 48-55, 2009. BibTeX

@ARTICLE{Neubauer_InteraktivePortfolioauswahlim_2009, Author = {Thomas Neubauer and Christian Stummer}, title = {Interaktive Portfolioauswahl im IT-Servicemanagement}, journal = {HMD - Praxis der Wirtschaftsinformatik}, year = {2009}, pages = {48-55} }
Markus Huber and Stewart Kowalski and Marcus Nohlberg and Simon Tjoa, "Towards Automating Social Engineering Using Social Networking Sites." 2009, pp. 117-124. BibTeX | PDF

@INPROCEEDINGS{Huber_TowardsAutomatingSocial_2009, Pdf = {2009 - Huber - Towards Automating Social Engineering Using Social Networking Sites.pdf}, author = {Markus Huber and Stewart Kowalski and Marcus Nohlberg and Simon Tjoa}, title = {Towards Automating Social Engineering Using Social Networking Sites}, journal ={Computational Science and Engineering, IEEE International Conference on}, year = {2009}, pages = {117-124} }
Peter Wurzinger and Leyla Bilge and Thorsten Holz and Jan Goebel and Christopher Kruegel and Engin Kirda, "Automatically Generating Models for Botnet Detection," in 14th European Symposium on Research in Computer Security (ESORICS 2009), 2009. BibTeX | PDF

@INPROCEEDINGS{Wurzinger_AutomaticallyGeneratingModels_2009, Pdf = {Wurzinger_AutomaticallyGeneratingModels_2009.pdf}, author = {Peter Wurzinger and Leyla Bilge and Thorsten Holz and Jan Goebel and Christopher Kruegel and Engin Kirda}, title = {Automatically Generating Models for Botnet Detection}, booktitle = {14th European Symposium on Research in Computer Security (ESORICS 2009)}, year = {2009} }
Clemens Kolbitsch and Paolo Milani Comparetti and Christopher Kruegel and Engin Kirda and Xiaoyong Zhou and Xiaofeng Wang, "Effective and Efficient Malware Detection at the End Host," in in USENIX Security ’09, Montreal, 2009. BibTeX | PDF

@INPROCEEDINGS{Kolbitsch_EffectiveandEfficient_2009, Pdf = {Kolbitsch_EffectiveandEfficient_2009.pdf}, author = {Clemens Kolbitsch and {Paolo Milani} Comparetti and Christopher Kruegel and Engin Kirda and Xiaoyong Zhou and Xiaofeng Wang}, title = {Effective and Efficient Malware Detection at the End Host}, booktitle = {in USENIX Security '09, Montreal}, year = {2009} }
Ulrich Bayer and Imam Habibi and Davide Balzarotti and Engin Kirda and Christopher Kruegel, "Insights Into Current Malware Behavior," in 2nd USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET), Boston, 2009. BibTeX | PDF

@INPROCEEDINGS{Bayer_InsightsIntoCurrent_2009, Pdf = {Bayer_InsightsIntoCurrent_2009.pdf}, author = {Ulrich Bayer and Imam Habibi and Davide Balzarotti and Engin Kirda and Christopher Kruegel}, title = {Insights Into Current Malware Behavior}, booktitle = {2nd USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET), Boston}, year = {2009} }
Ulrich Bayer and Paolo Milani Comparetti and Clemens Hlauschek and Christopher Kruegel and Engin Kirda, "Scalable, Behavior-Based Malware Clustering," in Proceedings of the 16th Annual Network and Distributed System Security Symposium (NDSS 2009), 2009. BibTeX | PDF

@INPROCEEDINGS{Bayer_ScalableBehaviorBasedMalware_2009, Pdf = {Bayer_ScalableBehaviorBasedMalware_2009.pdf}, author = {Ulrich Bayer and {Paolo Milani} Comparetti and Clemens Hlauschek and Christopher Kruegel and Engin Kirda}, title = {Scalable, Behavior-Based Malware Clustering}, booktitle = {Proceedings of the 16th Annual Network and Distributed System Security Symposium (NDSS 2009)}, year = {2009} }
Stefan Jakoubi and Thomas Neubauer and Simon Tjoa, "A Roadmap to Risk-Aware Business Process Management," in APSCC, 2009. BibTeX

@INPROCEEDINGS{Jakoubi_RoadmaptoRiskAware_2009, Author = {Stefan Jakoubi and Thomas Neubauer and Simon Tjoa}, title = {A Roadmap to Risk-Aware Business Process Management}, booktitle = {APSCC}, year = {2009} }
Thomas Neubauer and Christian Stummer, "Interactive selection of Web services under multiple objectives," Information Technology and Management, 2009. BibTeX

@ARTICLE{Neubauer_Interactiveselectionof_2009, Author = {Thomas Neubauer and Christian Stummer}, title = {Interactive selection of Web services under multiple objectives}, journal = {Information Technology and Management}, year = {2009} }
Severin Winkler and Christian Proschinger, "Collaborative Penetration Testing," in 9. Internationale Tagung Wirtschaftsinformatik (Kurztitel Wi 2009), 2009. BibTeX | PDF

@INPROCEEDINGS{Winkler_CollaborativePenetrationTesting_2009, Pdf = {Winkler_CollaborativePenetrationTesting_2009.pdf}, author = {Severin Winkler and Christian Proschinger}, title = {Collaborative Penetration Testing}, booktitle = {9. Internationale Tagung Wirtschaftsinformatik (Kurztitel Wi 2009)}, year = {2009} }
Stefan Jakoubi and Simon Tjoa and Gernot Goluch and Gerald Quirchmayr, "A Survey of Scientific Approaches Considering the Integration of Security and Risk Aspects into Business Process Management," in International Workshop on Database and Expert Systems Applications, 2009, pp. 127-132. BibTeX | PDF

@INPROCEEDINGS{Jakoubi_SurveyofScientific_2009, Pdf = {Jakoubi_SurveyofScientific_2009.pdf}, author = {Stefan Jakoubi and Simon Tjoa and Gernot Goluch and Gerald Quirchmayr}, title = {A Survey of Scientific Approaches Considering the Integration of Security and Risk Aspects into Business Process Management}, booktitle = {International Workshop on Database and Expert Systems Applications}, year = {2009}, pages = {127-132}, journal = {Database and Expert Systems Applications, International Workshop on} }
Stefan Jakoubi and Simon Tjoa, "A Reference Model for Risk-Aware Business Process Management," in International Conference on Risks and Security of Internet and Systems, 2009. BibTeX | PDF

@INPROCEEDINGS{Jakoubi_ReferenceModelRiskAware_2009, Pdf = {Jakoubi_ReferenceModelRiskAware_2009 (2).pdf}, author = {Stefan Jakoubi and Simon Tjoa}, title = {A Reference Model for Risk-Aware Business Process Management}, booktitle = {International Conference on Risks and Security of Internet and Systems}, year = {2009} }
Thomas Neubauer and Gernot Goluch and Stefan Jakoubi and Simon Tjoa and Martin Wisser, "A Process Model for RFID based Business Process Analysis," in APSCC, 2009. BibTeX

@INPROCEEDINGS{Neubauer_ProcessModelRFID_2009, Author = {Thomas Neubauer and Gernot Goluch and Stefan Jakoubi and Simon Tjoa and Martin Wisser}, title = {A Process Model for RFID based Business Process Analysis}, booktitle = {APSCC}, year = {2009} }
Leyla Bilge and Thorsten Strufe and Davide Balzarotti and Engin Kirda, "All Your Contacts Are Belong to Us: Automated Identity Theft Attacks on Social Networks," in 18th International World Wide Web Conference, 2009. BibTeX | PDF

@INPROCEEDINGS{Bilge_AllYourContacts_2009, Pdf = {Bilge_AllYourContacts_2009.pdf}, author = {Leyla Bilge and Thorsten Strufe and Davide Balzarotti and Engin Kirda}, title = {All Your Contacts Are Belong to Us: Automated Identity Theft Attacks on Social Networks}, booktitle = {18th International World Wide Web Conference}, year = {2009} }
Peter Wurzinger and Christian Platzer and Christian Ludl and Engin Kirda and Christopher Kruegel, "SWAP: Mitigating XSS Attacks using a Reverse Proxy," in The 5th International Workshop on Software Engineering for Secure Systems (SESS’09), 31st International Conference on Software Engineering (ICSE),, 2009. BibTeX | PDF

@INPROCEEDINGS{Wurzinger_SWAPMitigatingXSS_2009, Pdf = {Wurzinger_SWAPMitigatingXSS_2009.pdf}, author = {Peter Wurzinger and Christian Platzer and Christian Ludl and Engin Kirda and Christopher Kruegel}, title = {SWAP: Mitigating XSS Attacks using a Reverse Proxy}, booktitle = {The 5th International Workshop on Software Engineering for Secure Systems (SESS'09), 31st International Conference on Software Engineering (ICSE),}, year = {2009} }
Markus Huber, "Automated Social Engineering, Proof of Concept," Master’s Dissertation , 2009. BibTeX | PDF

@MastersThesis{MHuber_ASEthesis09, title = {Automated Social Engineering, Proof of Concept}, author = {Markus Huber}, year = {2009}, Pdf={thesis_ASE-PoC_MHuber.pdf} }
Benjamin Boeck and Edgar R. Weippl, "The Handbook of Technology Management." , 2009. BibTeX

@INBOOK{Bock_acceptedforpublicationSocialEngineering_2009, title = {The Handbook of Technology Management}, year = {2009}, author = {Benjamin Boeck and {Edgar R.} Weippl} }
Thomas Neubauer and Mathias Kolb and Andreas Ekelhart, "An Evaluation of Technologies for the Pseudonymization of Medical Data," in Proceedings of the ACM Symposium on Applied Computing, 2009. BibTeX

@INPROCEEDINGS{Neubauer_EvaluationofTechnologies_2009a, Author = {Thomas Neubauer and Mathias Kolb and Andreas Ekelhart}, title = {An Evaluation of Technologies for the Pseudonymization of Medical Data}, booktitle = {Proceedings of the ACM Symposium on Applied Computing}, year = {2009} }
Thomas Neubauer and Mathias Kolb, "Technologies for the Pseudonymization of Medical Data: A Legal Evaluation," in International Conference on Systems, 2009. BibTeX

@INPROCEEDINGS{Neubauer_TechnologiesPseudonymizationof_2009, Author = {Thomas Neubauer and Mathias Kolb}, title = {Technologies for the Pseudonymization of Medical Data: A Legal Evaluation}, booktitle = {International Conference on Systems}, year = {2009} }
Thomas Neubauer and Andreas Ekelhart and Stefan Fenz, "Interactive Selection of ISO 27001 Controls under Multiple Objectives," in Proceedings of the Ifip Tc 11 23rd International Information Security Conference, IFIPSec 2008, 2008, pp. 477-492. BibTeX | PDF

@INPROCEEDINGS{Neubauer_InteractiveSelectionof_2008, Pdf = {2008 - Neubauer - Interactive Selection of ISO 27001 Controls under Multiple Objectives.pdf}, author = {Thomas Neubauer and Andreas Ekelhart and Stefan Fenz}, title = {Interactive Selection of ISO 27001 Controls under Multiple Objectives}, booktitle = {Proceedings of the Ifip Tc 11 23rd International Information Security Conference, IFIPSec 2008}, year = {2008}, pages = {477-492} }
Thomas Neubauer and Johannes Heurix, "Defining Secure Business Processes with Respect to Multiple Objectives," in Proceedings of the Third International Conference on Availability, Reliability and Security ARES, 2008. BibTeX

@INPROCEEDINGS{Neubauer_DefiningSecureBusiness_2008, Author = {Thomas Neubauer and Johannes Heurix}, title = {Defining Secure Business Processes with Respect to Multiple Objectives}, booktitle = {{P}roceedings of the {T}hird {I}nternational {C}onference on {A}vailability, {R}eliability and {S}ecurity {ARES}}, year = {2008} }
Bernhard Riedl and Veronika Grascher and Thomas Neubauer, "A Secure e-Health Architecture based on the Appliance of Pseudonymization," Journal of Software, 2008. BibTeX

@ARTICLE{Riedl_SecureeHealthArchitecture_2008, Author = {Bernhard Riedl and Veronika Grascher and Thomas Neubauer}, title = {A Secure e-Health Architecture based on the Appliance of Pseudonymization}, journal = {Journal of Software}, year = {2008} }
B. Riedl and V. Grascher and Mathias Kolb and T. Neubauer, "Economic and Security Aspects of the Appliance of a Threshold Scheme in e-Health," in Proceedings of the Third International Conference on Availability, Reliability and Security ARES, 2008. BibTeX

@INPROCEEDINGS{Riedl_EconomicandSecurity_2008, Author = {B.~Riedl and V.~Grascher and Mathias Kolb and T.~Neubauer}, title = {Economic and Security Aspects of the Appliance of a Threshold Scheme in e-Health}, booktitle = {{P}roceedings of the {T}hird {I}nternational {C}onference on {A}vailability, {R}eliability and {S}ecurity {ARES}}, year = {2008} }
Stefan Fenz and A Min Tjoa, "Ontology- and Bayesian-based Threat Probability Determination," in Proceedings of the Junior Scientist Conference 2008, 2008, pp. 69-70. BibTeX

@INPROCEEDINGS{Fenz_OntologyandBayesianbased_2008a, Author = {Stefan Fenz and {A Min} Tjoa}, title = {Ontology- and Bayesian-based Threat Probability Determination}, booktitle = {Proceedings of the Junior Scientist Conference 2008}, year = {2008}, pages = {69-70} }
Bernhard Riedl and Veronika Grascher and Stefan Fenz and Thomas Neubauer, "Pseudonymization for improving the privacy in e-Health applications," in Proceedings of the 41st Hawaii International Conference on System Sciences, HICSS2008, 2008, pp. 255-264. BibTeX | PDF

@INPROCEEDINGS{Riedl_Pseudonymizationimprovingprivacy_2008, Pdf = {2008 - Riedl - Pseudonymization for Improving the Privacy in e-Health Applications.pdf}, author = {Bernhard Riedl and Veronika Grascher and Stefan Fenz and Thomas Neubauer}, title = {Pseudonymization for improving the privacy in e-Health applications}, booktitle = {Proceedings of the 41st Hawaii International Conference on System Sciences, HICSS2008}, year = {2008}, pages = {255-264} }
T. Neubauer and J. Pichler and C. Stummer, "Multiobjective Selection of Software Components: A Case Study," in Proceedings of the IEEE Asia-Pacific Services Computing Conference, 2008. BibTeX

@INPROCEEDINGS{Neubauer_MultiobjectiveSelectionof_2008, Author = {T.~Neubauer and J.~Pichler and C.~Stummer}, title = {Multiobjective Selection of Software Components: A Case Study}, booktitle = {Proceedings of the IEEE Asia-Pacific Services Computing Conference}, year = {2008} }
Thomas Neubauer and Bernhard Riedl, "Improving Patients Privacy with Pseudonymization," in Proceedings of the International Congress of the European Federation for Medical Informatics, 2008. BibTeX

@INPROCEEDINGS{Neubauer_ImprovingPatientsPrivacy_2008, Author = {Thomas Neubauer and Bernhard Riedl}, title = {Improving Patients Privacy with Pseudonymization}, booktitle = {Proceedings of the International Congress of the European Federation for Medical Informatics}, year = {2008} }
Stefan Fenz and Andreas Ekelhart and Edgar Weippl, "Semantic Potential of existing Security Advisory Standards," in Proceedings of the FIRST2008 Conference, 2008. BibTeX | PDF

@INPROCEEDINGS{Fenz_SemanticPotentialof_2008, Pdf = {2008 - Fenz - Semantic Potential of Existing Security Advisory Standards.pdf}, author = {Stefan Fenz and Andreas Ekelhart and Edgar Weippl}, title = {Semantic Potential of existing Security Advisory Standards}, booktitle = {Proceedings of the FIRST2008 Conference}, year = {2008} }
Thomas Neubauer and Thomas Mueck, "PIPE: Ein System zur Pseudonymisierung von Gesundheitsdaten," in Proceedings of e-Health 2008, 2008. BibTeX

@INPROCEEDINGS{Neubauer_PIPEEinSystem_2008, Author = {Thomas Neubauer and Thomas Mueck}, title = {{PIPE:} Ein System zur Pseudonymisierung von Gesundheitsdaten}, booktitle = {Proceedings of e-Health 2008}, year = {2008} }
Gernot Goluch and Andreas Ekelhart and Stefan Fenz and Stefan Jakoubi and Simon Tjoa and Thomas Mueck, "Integration of an Ontological Information Security Concept in Risk Aware Business Process Management," in Proceedings of the 41st Hawaii International Conference on System Sciences, HICSS2008, 2008, pp. 377-385. BibTeX | PDF

@INPROCEEDINGS{Goluch_IntegrationofOntological_2008, Pdf = {2008 - Goluch - Integration of an Ontological Information Security Concept in Risk-Aware Business Process Management.pdf}, author = {Gernot Goluch and Andreas Ekelhart and Stefan Fenz and Stefan Jakoubi and Simon Tjoa and Thomas Mueck}, title = {Integration of an Ontological Information Security Concept in Risk Aware Business Process Management}, booktitle = {Proceedings of the 41st Hawaii International Conference on System Sciences, HICSS2008}, year = {2008}, pages = {377-385} }
Thomas Neubauer and Johannes Heurix, "Multiobjective Decision Support for defining Secure Business Processes: A Case Study," Int. J. Business Intelligence and Data Mining, pp. 177-195, 2008. BibTeX

@ARTICLE{Neubauer_MultiobjectiveDecisionSupport_2008, Author = {Thomas Neubauer and Johannes Heurix}, title = {Multiobjective Decision Support for defining Secure Business Processes: A Case Study}, journal = {Int. J. Business Intelligence and Data Mining}, year = {2008}, pages = {177-195}, booktitle = {Proceedings of the Ninth International Conference on Information Integration and Web-based Applications Services} }
Thomas Neubauer and Johannes Heurix, "Objective Types for the Valuation of Secure Business Processes," in Proceedings of the 7th IEEE/ACIS International Conference on Computer and Information Science, 2008. BibTeX

@INPROCEEDINGS{Neubauer_ObjectiveTypesValuation_2008, Author = {Thomas Neubauer and Johannes Heurix}, title = {Objective Types for the Valuation of Secure Business Processes}, booktitle = {Proceedings of the 7th IEEE/ACIS International Conference on Computer and Information Science}, year = {2008} }
Luca Foschini and Ashish Thypliyal and Lorenzo Cavallaro and Christopher Kruegel and Giovanni Vigna, "A Parallel Architecture for Stateful, High-Speed Intrusion Detection," in International Conference on Information Systems Security (ICISS) , Lecture Notes in Computer Science, 2008. BibTeX

@INPROCEEDINGS{Foschini_ParallelArchitectureStateful_2008, Author = {Luca Foschini and Ashish Thypliyal and Lorenzo Cavallaro and Christopher Kruegel and Giovanni Vigna}, title = {A Parallel Architecture for Stateful, High-Speed Intrusion Detection}, booktitle = {International Conference on Information Systems Security (ICISS) , Lecture Notes in Computer Science}, year = {2008} }
Stefan Jakoubi and Gernot Goluch and Simon Tjoa and Gerald Quirchmayr, "Deriving Resource Requirements Applying Risk-Aware Business Process Modeling and Simulation," in Proceedings of the 16th European Conference on Information Systems (ECIS), 2008. BibTeX

@INPROCEEDINGS{Jakoubi_DerivingResourceRequirements_2008, Author = {Stefan Jakoubi and Gernot Goluch and Simon Tjoa and Gerald Quirchmayr}, title = {Deriving Resource Requirements Applying Risk-Aware Business Process Modeling and Simulation}, booktitle = {Proceedings of the 16th European Conference on Information Systems (ECIS)}, year = {2008} }
Andreas Ekelhart and Stefan Fenz and Gernot Goluch and Markus Steinkellner and Edgar Weippl, "XML Security – A comparative literature review," Journal of Systems and Software, pp. 1715-1724, 2008. BibTeX | PDF

@ARTICLE{Ekelhart_XMLSecurity_2008, Pdf = {2008 - Ekelhart - XML security -- A Comparative Literature Review.pdf}, author = {Andreas Ekelhart and Stefan Fenz and Gernot Goluch and Markus Steinkellner and Edgar Weippl}, title = {XML Security - A comparative literature review}, journal = {Journal of Systems and Software}, year = {2008}, pages = {1715-1724} }
Stefan Fenz and Andreas Ekelhart and Edgar Weippl, "Fortification of IT security by automatic security advisory processing," in Proceedings of the 22nd International Conference on Advanced Information Networking and Applications, AINA2008, 2008, pp. 575-582. BibTeX | PDF

@INPROCEEDINGS{Fenz_FortificationofIT_2008, Pdf = {2008 - Fenz - Fortification of IT Security by Automatic Security Advisory Processing.pdf}, author = {Stefan Fenz and Andreas Ekelhart and Edgar Weippl}, title = {Fortification of {IT} security by automatic security advisory processing}, booktitle = {Proceedings of the 22nd International Conference on Advanced Information Networking and Applications, AINA2008}, year = {2008}, pages = {575-582} }
Edgar R. Weippl and Joe Luca (editors), ED-MEDIA Conference Proceedings, , 2008. BibTeX

@BOOK{Weippl_EDMEDIAConferenceProceedings_2008, title = {ED-MEDIA Conference Proceedings}, year = {2008}, author = {{Edgar R.} Weippl and Joe Luca (editors)} }
Edgar R. Weippl and Martin Ebner, "Security Privacy Challenges in E-Learning 2.0," in E-Learn 2008, 2008. BibTeX

@INPROCEEDINGS{Weippl_SecurityPrivacyChallenges_2008, Author = {{Edgar R.} Weippl and Martin Ebner}, title = {Security Privacy Challenges in E-Learning 2.0}, booktitle = {E-Learn 2008}, year = {2008} }
Philippe Benditsch and Gerald Futschek and Markus Klemen and Edgar R. Weippl, "OCG IT-Security Zertifikat fuer Nutzer," in IRIS 2008, 2008. BibTeX

@INPROCEEDINGS{Benditsch_OCGITSecurityZertifikat_2008, Author = {Philippe Benditsch and Gerald Futschek and Markus Klemen and {Edgar R.} Weippl}, title = {OCG IT-Security Zertifikat fuer Nutzer}, booktitle = {IRIS 2008}, year = {2008} }
Marco Cova and Christopher Kruegel and Giovanni Vigna, "There Is No Free Phish: An Analysis of "Free" and Live Phishing Kits," in Usenix Workshop on Offensive Technologies (WOOT), 2008, p. 8. BibTeX | PDF

@INPROCEEDINGS{MarcoCova_ThereIsNo_2008, Pdf = {MarcoCova_ThereIsNo_2008.pdf}, author = {Marco Cova and Christopher Kruegel and Giovanni Vigna}, title = {There Is No Free Phish: An Analysis of "Free" and Live Phishing Kits}, booktitle = {Usenix Workshop on Offensive Technologies (WOOT)}, year = {2008}, pages = {8} }
Edgar R. Weippl, "Handbook of Research on Information Security and Assurance." , 2008. BibTeX

@INBOOK{Weippl_SecurityAwarenessVirtualEnvironmentsandELearning_2008, title = {Handbook of Research on Information Security and Assurance}, year = {2008}, author = {{Edgar R.} Weippl} }
Julio Canto and Marc Dacier and Engin Kirda and Corrado Leita, "Large Scale Malware Collection: Lessons Learned," in IEEE SRDS Workshop on Sharing Field Data and Experiment Measurements on Resilience of Distributed Computing System, 2008. BibTeX | PDF

@INPROCEEDINGS{Canto_LargeScaleMalware_2008, Pdf = {Canto_LargeScaleMalware_200.pdf}, author = {Julio Canto and Marc Dacier and Engin Kirda and Corrado Leita}, title = {Large Scale Malware Collection: Lessons Learned}, booktitle = {IEEE SRDS Workshop on Sharing Field Data and Experiment Measurements on Resilience of Distributed Computing System}, year = {2008} }
Edgar R. Weippl and Markus D. Klemen and Stefan Raffeiner, "The Semantic Web for Knowledge and Data Management: Technologies and Practices." , 2008, pp. 38-48. BibTeX

@INBOOK{Weippl_ImprovingStorageConceptsforSemanticModelsandOntologies_2008, pages = {38--48}, title = {The Semantic Web for Knowledge and Data Management: Technologies and Practices}, year = {2008}, author = {{Edgar R.} Weippl and {Markus D.} Klemen and Stefan Raffeiner} }
Edgar R. Weippl and Bernhard Riedl, "Handbook of Research on Mobile Multimedia, Second Edition." , 2008, p. IX. BibTeX

@INBOOK{Weippl_SecurityTrustandPrivacyonMobileDevicesandMultimediaApplications_2008, pages = {Chapter IX}, title = {Handbook of Research on Mobile Multimedia, Second Edition}, year = {2008}, author = {{Edgar R.} Weippl and Bernhard Riedl} }
Edgar R. Weippl, "Cyber Attacks and the article 5 of the Treaty of NATO," Euro Atlantic Quarterly, p. 22, 2008. BibTeX | PDF

@ARTICLE{weippl_gca, Author = {{Edgar R.} Weippl}, title = {Cyber Attacks and the article 5 of the Treaty of NATO}, journal = {Euro Atlantic Quarterly}, year = {2008}, pages = {22}, pdf ={Papers\Weippl\gca_article5.doc} }
Marcus Nohlberg and Stewart Kowalski and Markus Huber, "Measuring Readiness for Automated Social Engineering," in In CD ROM Proceedings of the 7th Security Conference, 2008, pp. 20.1-20.13. BibTeX | PDF

@InProceedings{nohlberghuber2008, title = {Measuring Readiness for Automated Social Engineering}, author = {Marcus Nohlberg and Stewart Kowalski and Markus Huber}, year = {2008}, booktitle = {In CD ROM Proceedings of the 7th Security Conference}, pages = {20.1--20.13.}, Pdf={Measuring Readiness against Automated Social Engineering_2008_final_93.pdf} }
Gilbert Wondracek and Paulo Milani Comparetti and Christopher Kruegel and Engin Kirda, "Automatic Network Protocol Analysis," in 15th Annual Network and Distributed System Security Symposium (NDSS 2008), San Diego, February 2008, 2008. BibTeX | PDF

@INPROCEEDINGS{Wondracek_AutomaticNetworkProtocol_2008, Pdf = {Wondracek_AutomaticNetworkProtocol_2008.pdf}, author = {Gilbert Wondracek and {Paulo Milani} Comparetti and Christopher Kruegel and Engin Kirda}, title = {Automatic Network Protocol Analysis}, booktitle = {15th Annual Network and Distributed System Security Symposium (NDSS 2008), San Diego, February 2008}, year = {2008} }
Corrado Leita and V.H. Pham and Olivier Thonnard and E. Ramirez-Silva and Fabian Pouget and Engin Kirda and Marc Dacier, "The Leurre.com Project: Collecting Internet Threats Information using a Worldwide Distributed Honeynet," in In Proceedings of the 1st WOMBAT workshop, 2008. BibTeX

@INPROCEEDINGS{Leita_LeurrecomProjectCollecting_2008, Author = {Corrado Leita and V.H. Pham and Olivier Thonnard and E. Ramirez-Silva and Fabian Pouget and Engin Kirda and Marc Dacier}, title = {The Leurre.com Project: Collecting Internet Threats Information using a Worldwide Distributed Honeynet}, booktitle = {In Proceedings of the 1st WOMBAT workshop}, year = {2008} }
Sean McAllister and Christopher Kruegel and Engin Kirda, "Leveraging User INteractions for IN-Depth- Testing of Weg Applications," in Symposium on Recent Advances in Intrusion Detection, 2008. BibTeX

@INPROCEEDINGS{Allister_SymposiumRecentAdvances_2008, Author = {Sean McAllister and Christopher Kruegel and Engin Kirda}, title = {Leveraging User INteractions for IN-Depth- Testing of Weg Applications}, booktitle = {Symposium on Recent Advances in Intrusion Detection}, year = {2008} }
Mansoor Ahmed and Amin Anjomshoaa and A Min Tjoa, "Context-Based Privacy Management of Personal Information Using Semantic Desktop: SemanticLIFE Case Study," , pp. 214-221, 2008. BibTeX

@ARTICLE{TUW-168902, Author = {Mansoor Ahmed and Amin Anjomshoaa and {A Min} Tjoa}, title = {Context-Based Privacy Management of Personal Information Using Semantic Desktop: SemanticLIFE Case Study}, year = {2008}, pages = {214--221}, booktitle = {Proceedings of the 10th International Conference on Informationb Integration and Web-based Application {\&} Services} }
Edgar R. Weippl, "Preface to Social Implications of Data Mining and Information Privacy: Interdisciplinary Frameworks and Solutions." , 2008. BibTeX

@INBOOK{Weippl__2008, title = {Preface to Social Implications of Data Mining and Information Privacy: Interdisciplinary Frameworks and Solutions}, year = {2008}, author = {{Edgar R.} Weippl} }
Edgar R. Weippl, "Encyclopedia of Data Warehousing and Mining." , 2008. BibTeX

@INBOOK{Weippl_DatabaseSecurityandStatisticalDatabaseSecurity_2008, title = {Encyclopedia of Data Warehousing and Mining}, year = {2008}, author = {{Edgar R.} Weippl} }
Guenther Starnberger and Christopher Kruegel and Engin Kirda, "A botnet protocol based on Kademlia," in International Conference on Security and Privacy in Communication Networks (SecureComm), 2008. BibTeX | PDF

@INPROCEEDINGS{Starnberger_botnetprotocolbased_2008, Pdf = {Starnberger_botnetprotocolbased_2008.pdf}, author = {Guenther Starnberger and Christopher Kruegel and Engin Kirda}, title = {A botnet protocol based on Kademlia}, booktitle = {International Conference on Security and Privacy in Communication Networks (SecureComm)}, year = {2008} }
Marcel Medwed and Jörn-Marc Schmidt, "A Generic Fault Countermeasure Providing Data and Program Flow Integrity," in Fault Diagnosis and Tolerance in Cryptography, Third International Workshop, FDTC 2008, Washington DC, USA, August 10, 2008, Proceedings, 2008. BibTeX

@INPROCEEDINGS{Medwed_GenericFaultCountermeasure_2008, Author = {Marcel Medwed and J\"orn-Marc Schmidt}, title = {{A Generic Fault Countermeasure Providing Data and Program Flow Integrity}}, booktitle = {Fault Diagnosis and Tolerance in Cryptography, Third International Workshop, FDTC 2008, Washington DC, USA, August 10, 2008, Proceedings}, year = {2008} }
Joern-Marc Schmidt and Christoph Herbst, "A Practical Fault Attack on Square and Multiply," in Fault Diagnosis and Tolerance in Cryptography, Third International Workshop, FDTC 2008, Washington DC, USA, August 10, 2008, Proceedings, 2008. BibTeX

@INPROCEEDINGS{Schmidt_PracticalFaultAttack_2008, Author = {Joern-Marc Schmidt and Christoph Herbst}, title = {A Practical Fault Attack on Square and Multiply}, booktitle = {Fault Diagnosis and Tolerance in Cryptography, Third International Workshop, FDTC 2008, Washington DC, USA, August 10, 2008, Proceedings}, year = {2008} }
Stefan Fenz, "Ontology- and Bayesian-based information security risk management," PhD Thesis , 2008. BibTeX

@PHDTHESIS{Fenz_OntologyandBayesianbased_2008, Author = {Stefan Fenz}, title = {Ontology- and Bayesian-based information security risk management}, year = {2008} }
Jörn-Marc Schmidt, "A Chemical Memory Snapshot," in Proceedings of Smart Card Research and Advanced Application Conference — CARDIS, 2008. BibTeX

@INPROCEEDINGS{Schmidt_ChemicalMemorySnapshot_2008, Author = {J\"orn-Marc Schmidt}, title = {{A Chemical Memory Snapshot}}, booktitle = {Proceedings of Smart Card Research and Advanced Application Conference -- CARDIS}, year = {2008} }
Guenther Starnberger and Christopher Kruegel and Engin Kirda, "Overbot – A botnet protocol based on Kademlia," in 4th International Conference on Security and Privacy in Communication Networks (SecureComm), 2008. BibTeX | PDF

@INPROCEEDINGS{Starnberger_Overbotbotnet_2008, Pdf = {Starnberger_Overbotbotnet_2008.pdf}, author = {Guenther Starnberger and Christopher Kruegel and Engin Kirda}, title = {Overbot - A botnet protocol based on Kademlia}, booktitle = {4th International Conference on Security and Privacy in Communication Networks (SecureComm)}, year = {2008} }
Sean McAllister and Engin Kirda and Christopher Kruegel, "Expanding Human Interactions for In-Depth Testing of Web Applications," in 11th Symposium on Recent Advances in Intrusion Detection (RAID), Boston, MA, 2008. BibTeX | PDF

@INPROCEEDINGS{McAllister_ExpandingHumanInteractions_2008, Pdf = {McAllister_ExpandingHumanInteractions_2008.pdf}, author = {Sean McAllister and Engin Kirda and Christopher Kruegel}, title = {Expanding Human Interactions for In-Depth Testing of Web Applications}, booktitle = {11th Symposium on Recent Advances in Intrusion Detection (RAID), Boston, MA}, year = {2008} }
Simon Tjoa and Stefan Jakoubi and Edgar R. Weippl (editors), ARES Conference Proceedings, , 2008. BibTeX

@BOOK{Tjoa_ARESConferenceProceedings_2008, title = {ARES Conference Proceedings}, year = {2008}, author = {Simon Tjoa and Stefan Jakoubi and {Edgar R.} Weippl (editors)} }
Sean Mcallister and Engin Kirda and Christopher Kruegel, "Leveraging User Interactions for In-Depth Testing of Web Applications," , pp. 191-210, 2008. BibTeX

@ARTICLE{1433021, Author = {Sean Mcallister and Engin Kirda and Christopher Kruegel}, title = {Leveraging User Interactions for In-Depth Testing of Web Applications}, year = {2008}, pages = {191--210}, booktitle = {RAID '08: Proceedings of the 11th international symposium on Recent Advances in Intrusion Detection} }
Marco Cova and Vika Felmetsger and Davide Balzarotti and Nenad Jovanovic and Christopher Kruegel and Engin Kirda and Giovanni Vigna, "Composing Static and Dynamic Analysis to Validate Sanitization in Web Applications," in Security and Privacy, 2008, p. 15. BibTeX | PDF

@INPROCEEDINGS{Cova_ComposingStaticand_2008, Pdf = {Cova_ComposingStaticand_.pdf}, author = {Marco Cova and Vika Felmetsger and Davide Balzarotti and Nenad Jovanovic and Christopher Kruegel and Engin Kirda and Giovanni Vigna}, title = {Composing Static and Dynamic Analysis to Validate Sanitization in Web Applications}, booktitle = {Security and Privacy}, year = {2008}, pages = {15} }
Eric Medvet and Engin Kirda and Christopher Kruegel, "Visual Similarity-Based Phishing Detection," in IEEE International Conference on Security and Privacy for Emerging Areas in Communication Networks, 2008. BibTeX | PDF

@INPROCEEDINGS{Medvet_VisualSimilarityBasedPhishing_2008, Pdf = {Medvet_VisualSimilarityBasedPhishing_2008.pdf}, author = {Eric Medvet and Engin Kirda and Christopher Kruegel}, title = {Visual Similarity-Based Phishing Detection}, booktitle = {IEEE International Conference on Security and Privacy for Emerging Areas in Communication Networks}, year = {2008} }
Simon Tjoa and Stefan Jakoubi and Gernot Goluch and Gerald Quirchmayr, "Extension of a Methodology for Risk-Aware Business Process Modeling and Simulation Enabling Process-Oriented Incident Handling Support," in The 22st International Conference on Advanced Information Networking and Applications, 2008. BibTeX

@INPROCEEDINGS{Tjoa_ExtensionofMethodology_2008, Author = {Simon Tjoa and Stefan Jakoubi and Gernot Goluch and Gerald Quirchmayr}, title = {Extension of a Methodology for Risk-Aware Business Process Modeling and Simulation Enabling Process-Oriented Incident Handling Support}, booktitle = {The 22st International Conference on Advanced Information Networking and Applications}, year = {2008} }
Simon Tjoa and Stefan Jakoubi and Gerald Quirchmayr, "Enhancing Business Impact Analysis and Risk Assessment applying a Risk-Aware Business Process Modeling and Simulation Methodology," in Proceedings of the 3rd International Conference on Availability, Reliability and Security, 2008. BibTeX

@INPROCEEDINGS{Tjoa_EnhancingBusinessImpact_2008, Author = {Simon Tjoa and Stefan Jakoubi and Gerald Quirchmayr}, title = {Enhancing {B}usiness {I}mpact {A}nalysis and {R}isk {A}ssessment applying a {R}isk-{A}ware {B}usiness {P}rocess {M}odeling and {S}imulation {M}ethodology}, booktitle = {Proceedings of the 3rd {I}nternational {C}onference on {A}vailability, {R}eliability and {S}ecurity}, year = {2008} }
Markus Klemen and Thomas Neubauer and Edgar R. Weippl, "The Handbook of Computer Networks." , 2007. BibTeX

@INBOOK{Klemen_BusinessRequirementsofBackupSystems_2007, title = {The Handbook of Computer Networks}, year = {2007}, author = {Markus Klemen and Thomas Neubauer and {Edgar R.} Weippl} }
Andreas Ekelhart and Stefan Fenz and Markus Klemen and Edgar R. Weippl, "Security Ontologies: Improving Quantitative Risk Analysis," in Proceedings of the 40th Hawaii International Conference on System Sciences, HICSS2007, 2007, pp. 156-162. BibTeX | PDF

@INPROCEEDINGS{Ekelhart_SecurityOntologiesImproving_2007, Pdf = {2007 - Ekelhart - Security Ontologies Improving Quantitative Risk Analysis.pdf}, author = {Andreas Ekelhart and Stefan Fenz and Markus Klemen and {Edgar R.} Weippl}, title = {Security Ontologies: Improving Quantitative Risk Analysis}, booktitle = {Proceedings of the 40th Hawaii International Conference on System Sciences, HICSS2007}, year = {2007}, pages = {156-162} }
Stefan Jakoubi and Simon Tjoa and Gerald Quirchmayr, "ROPE: A Methodology for Enabling the Risk-Aware Modeling and Simulation of Business Processes," in Proceedings of the 15th European Conference on Information Systems (ECIS 2007), 2007. BibTeX

@INPROCEEDINGS{Jakoubi_ROPEMethodologyEnabling_2007, Author = {Stefan Jakoubi and Simon Tjoa and Gerald Quirchmayr}, title = {ROPE: A Methodology for Enabling the Risk-Aware Modeling and Simulation of Business Processes}, booktitle = {Proceedings of the 15th European Conference on Information Systems (ECIS 2007)}, year = {2007} }
Manuel Egele and Christopher Kruegel and Engin Kirda and Heng Yin and Dawn Song, "Dynamic Spyware Analysis," in Proceedings of the USENIX Annual Technical Conference, 2007. BibTeX

@INPROCEEDINGS{Egele_DynamicSpywareAnalysis_2007, Author = {Manuel Egele and Christopher Kruegel and Engin Kirda and Heng Yin and Dawn Song}, title = {Dynamic Spyware Analysis}, booktitle = {Proceedings of the USENIX Annual Technical Conference}, year = {2007} }
Mihai Christodorescu and Christopher Kruegel and Somesh Jha, "Mining Specifications of Malicious Behavior," in Proceedings of the European Software Engineering Conference and the ACM Symposium on the Foundations of Software Engineering (ESEC/FSE)., 2007. BibTeX

@INPROCEEDINGS{Christodorescu_MiningSpecificationsof_2007, Author = {Mihai Christodorescu and Christopher Kruegel and Somesh Jha}, title = {Mining Specifications of Malicious Behavior}, booktitle = {Proceedings of the European Software Engineering Conference and the ACM Symposium on the Foundations of Software Engineering (ESEC/FSE).}, year = {2007} }
Benjamin Boeck and Markus Klemen and Edgar R. Weippl, "The Handbook of Computer Networks." , 2007. BibTeX

@INBOOK{Bock_SocialEngineering_2007, title = {The Handbook of Computer Networks}, year = {2007}, author = {Benjamin Boeck and Markus Klemen and {Edgar R.} Weippl} }
Witold Abramowicz and Andreas Ekelhart and Stefan Fenz and Monika Kaczmarek and A Min Tjoa and Edgar R. Weippl and Dominik Zyskowski, "Security aspects in Semantic Web Services Filtering," in Proceedings of the 9th @WAS International Conference on Information Integration and Web-based Applications \& Services (iiWAS2007), 2007, pp. 21-31. BibTeX | PDF

@INPROCEEDINGS{Abramowicz_Securityaspectsin_2007, Pdf = {2007 - Abramowicz - Security Aspects in Semantic Web Services Filtering.pdf}, author = {Witold Abramowicz and Andreas Ekelhart and Stefan Fenz and Monika Kaczmarek and {A Min} Tjoa and {Edgar R.} Weippl and Dominik Zyskowski}, title = {Security aspects in Semantic Web Services Filtering}, booktitle = {Proceedings of the 9th @WAS International Conference on Information Integration and Web-based Applications \& Services (iiWAS2007)}, year = {2007}, pages = {21-31} }
Davide Balzarotti and William Robertson and Christopher Kruegel and Giovanni Vigna, "Improving Signature Testing Through Dynamic Data Flow Analysis," in Proceedings of the 23rd Annual Computer Security Applications Conference (ACSAC) 2007, 2007. BibTeX

@INPROCEEDINGS{Balzarotti_ImprovingSignatureTesting_2007, Author = {Davide Balzarotti and William Robertson and Christopher Kruegel and Giovanni Vigna}, title = {Improving {S}ignature {T}esting {T}hrough {D}ynamic {D}ata {F}low {A}nalysis}, booktitle = {Proceedings of the 23rd {A}nnual {C}omputer {S}ecurity {A}pplications {C}onference ({ACSAC}) 2007}, year = {2007} }
Andreas Ekelhart and Stefan Fenz and Gernot Goluch and Markus D. Klemen and Edgar R. Weippl, "Architectural approach for handling semi-structured data in an user-centered working environment," International Journal of Web Information Systems, pp. 198-211, 2007. BibTeX | PDF

@ARTICLE{Ekelhart_Architecturalapproachhandling_2007, Pdf = {2007 - Ekelhart - Architectural Approach for Handling Semi-Structured Data in a User-Centered Working Environment.pdf}, author = {Andreas Ekelhart and Stefan Fenz and Gernot Goluch and {Markus D.} Klemen and {Edgar R.} Weippl}, title = {Architectural approach for handling semi-structured data in an user-centered working environment}, journal = {International Journal of Web Information Systems}, year = {2007}, pages = {198-211} }
Andreas Ekelhart and Stefan Fenz and Gernot Goluch and Edgar Weippl, "Ontological Mapping of Common Criteria’s Security Assurance Requirements," in New Approaches for Security, Privacy and Trust in Complex Environments, Proceedings of the IFIP TC 11 22nd International Information Security Conference, IFIPSEC2007, May 14-16, 2007, pp. 85-95. BibTeX | PDF

@INPROCEEDINGS{Ekelhart_OntologicalMappingof_2007, Pdf = {2007 - Ekelhart - Ontological Mapping of Common Criteria's Security Assurance Requirements.pdf}, author = {Andreas Ekelhart and Stefan Fenz and Gernot Goluch and Edgar Weippl}, title = {Ontological Mapping of Common Criteria's Security Assurance Requirements}, booktitle = {New Approaches for Security, Privacy and Trust in Complex Environments, Proceedings of the IFIP TC 11 22nd International Information Security Conference, IFIPSEC2007, May 14-16}, year = {2007}, pages = {85-95} }
Stefan Jakoubi and Simon Tjoa and Gerald Quirchmayr, "Enabling the Risk-Aware Modeling and Simulation of Business Processes," JISSec – Journal of Information System Security, 2007. BibTeX

@ARTICLE{Jakoubi_EnablingRiskAwareModeling_2007, Author = {Stefan Jakoubi and Simon Tjoa and Gerald Quirchmayr}, title = {Enabling the Risk-Aware Modeling and Simulation of Business Processes}, journal = {JISSec - Journal of Information System Security}, year = {2007} }
Gernot Goluch and Andreas Ekelhart and Stefan Fenz and Stefan Jakoubi and Bernhard Riedl and Simon Tjoa, "CASSIS – Computer-based Academy for Security and Safety in Information Systems," in Proceedings of the 2nd Conference on Availability, Reliability and Security, ARES2007, 2007, pp. 730-740. BibTeX | PDF

@INPROCEEDINGS{Goluch_CASSISComputerbased_2007, Pdf = {2007 - Goluch - CASSIS.pdf}, author = {Gernot Goluch and Andreas Ekelhart and Stefan Fenz and Stefan Jakoubi and Bernhard Riedl and Simon Tjoa}, title = {{CASSIS} - Computer-based Academy for Security and Safety in Information Systems}, booktitle = {Proceedings of the 2nd Conference on Availability, Reliability and Security, ARES2007}, year = {2007}, pages = {730-740} }
Stefan Fenz and Gernot Goluch and Andreas Ekelhart and Bernhard Riedl and Edgar Weippl, "Information Security Fortification by Ontological Mapping of the ISO/IEC 27001 Standard," in Proceedings of the 13th Pacific Rim International Symposium on Dependable Computing, PRDC2007, 2007, pp. 381-388. BibTeX | PDF

@INPROCEEDINGS{Fenz_InformationSecurityFortification_2007, Pdf = {2007 - Fenz - Information Security Fortification by Ontological Mapping of the ISOIEC 27001 Standard.pdf}, author = {Stefan Fenz and Gernot Goluch and Andreas Ekelhart and Bernhard Riedl and Edgar Weippl}, title = {Information Security Fortification by Ontological Mapping of the {ISO/IEC} 27001 Standard}, booktitle = {Proceedings of the 13th Pacific Rim International Symposium on Dependable Computing, PRDC2007}, year = {2007}, pages = {381-388} }
Andreas Ekelhart and Stefan Fenz and Thomas Neubauer and Edgar Weippl, "Formal threat descriptions for enhancing governmental risk assessment," in Proceedings of the First International Conference on Theory and Practice of Electronic Governance, 2007, pp. 40-43. BibTeX | PDF

@INPROCEEDINGS{Ekelhart_Formalthreatdescriptions_2007, Pdf = {2007 - Ekelhart - Formal Threat Descriptions for Enhancing Governmental Risk Assessment.pdf}, author = {Andreas Ekelhart and Stefan Fenz and Thomas Neubauer and Edgar Weippl}, title = {Formal threat descriptions for enhancing governmental risk assessment}, booktitle = {Proceedings of the First International Conference on Theory and Practice of Electronic Governance}, year = {2007}, pages = {40-43} }
Andreas Ekelhart and Stefan Fenz and A Min Tjoa and Edgar Weippl, "Security Issues for the Use of Semantic Web in e-Commerce," in Business Information Systems, 10th International Conference on Business Information Systems, BIS 2007, 2007, pp. 1-13. BibTeX | PDF

@INPROCEEDINGS{Ekelhart_SecurityIssuesUse_2007, Pdf = {2007 - Ekelhart - Security Issues for the Use of Semantic Web in e-Commerce.pdf}, author = {Andreas Ekelhart and Stefan Fenz and {A Min} Tjoa and Edgar Weippl}, title = {Security Issues for the Use of Semantic Web in e-Commerce}, booktitle = {Business Information Systems, 10th International Conference on Business Information Systems, BIS 2007}, year = {2007}, pages = {1-13} }
Thomas Neubauer, "Business Process Based Valuation and Selection of IT Investments, Development and Implementation of a Method for the Interactive Selection of IT Investments under Multiple Objectives," PhD Thesis , 2007. BibTeX

@PHDTHESIS{Neubauer_BusinessProcessBased_2007, Author = {Thomas Neubauer}, title = {Business Process Based Valuation and Selection of IT Investments, Development and Implementation of a Method for the Interactive Selection of IT Investments under Multiple Objectives}, year = {2007} }
Thomas Raffetseder and Engin Kirda and Christopher Kruegel, "Building Anti-Phishing Browser Plug-Ins: An Experience Report," in Proceedings of the 3rd International Workshop on Software Engineering for Secure Systems (SESS) 29th International Conference on Software Engineering (ICSE), 2007. BibTeX

@INPROCEEDINGS{Raffetseder_BuildingAntiPhishingBrowser_2007, Author = {Thomas Raffetseder and Engin Kirda and Christopher Kruegel}, title = {Building Anti-Phishing Browser Plug-Ins: An Experience Report}, booktitle = {Proceedings of the 3rd International Workshop on Software Engineering for Secure Systems (SESS) 29th International Conference on Software Engineering (ICSE)}, year = {2007} }
Bernhard Riedl and Thomas Neubauer and Oswald Boehm, Datenverarbeitungssystem zur Verarbeitung von Objektdaten, 2007. BibTeX

@PATENT{Riedl_DatenverarbeitungssystemzurVerarbeitung_2007, year = {2007}, author = {Bernhard Riedl and Thomas Neubauer and Oswald Boehm}, title = {Datenverarbeitungssystem zur {V}erarbeitung von {O}bjektdaten}, journal = {Austrian Patent, Nr. 503291, September} }
Bernhard Riedl and Thomas Neubauer and Gernot Goluch and Oswald Boehm and Gert Reinauer and Alexander Krumboeck, "A secure architecture for the pseudonymization of medical data," in Proceedings of the Second International Conference on Availability, Reliability and Security (ARES), 2007, pp. 318-324. BibTeX

@INPROCEEDINGS{Riedl_securearchitecturepseudonymization_2007, Author = {Bernhard Riedl and Thomas Neubauer and Gernot Goluch and Oswald Boehm and Gert Reinauer and Alexander Krumboeck}, title = {A secure architecture for the pseudonymization of medical data}, booktitle = {Proceedings of the Second International Conference on Availability, Reliability and Security (ARES)}, year = {2007}, pages = {318-324} }
Angelo Rosiello and Christopher Kruegel and Engin Kirda and Fabrizio Ferrandi, "A Layout-Similarity-Based Approach for Detecting Phishing Pages," in Proceedings of IEEE International Conference on Security and Privacy in Communication Networks (SecureComm)., 2007. BibTeX

@INPROCEEDINGS{Rosiello_LayoutSimilarityBasedApproachDetecting_2007, Author = {Angelo Rosiello and Christopher Kruegel and Engin Kirda and Fabrizio Ferrandi}, title = {A Layout-Similarity-Based Approach for Detecting Phishing Pages}, booktitle = {Proceedings of IEEE International Conference on Security and Privacy in Communication Networks (SecureComm).}, year = {2007} }
Szabolcs Rozsnyai and Josef Schiefer and Alexander Schatten, "Concepts and Models for Typing Events for Event-Based Systems," in Proceedings of the Inaugural International Conference on Distributed Event-Based Systems (DEBS 2007), 2007. BibTeX

@INPROCEEDINGS{Rozsnyai_ConceptsandModels_2007, Author = {Szabolcs Rozsnyai and Josef Schiefer and Alexander Schatten}, title = {Concepts and Models for Typing Events for Event-Based Systems}, booktitle = {Proceedings of the Inaugural International Conference on Distributed Event-Based Systems (DEBS 2007)}, year = {2007} }
Bernhard Riedl and Thomas Neubauer and Oswald Boehm, Data processing system for processing of object data, 2007. BibTeX

@PATENT{Riedl_Dataprocessingsystem_2007a, year = {2007}, author = {Bernhard Riedl and Thomas Neubauer and Oswald Boehm}, title = {Data processing system for processing of object data}, journal = {US-Provisional-Application} }
Bernhard Riedl and Thomas Neubauer and Oswald Boehm, Data processing system for processing of object data, 2007. BibTeX

@PATENT{Riedl_Dataprocessingsystem_2007, year = {2007}, author = {Bernhard Riedl and Thomas Neubauer and Oswald Boehm}, title = {Data processing system for processing of object data}, journal = {PCT-Provisional-Application} }
Thomas Raffetseder and Engin Kirda and Christopher Kruegel, "Detecting System Emulators," in Proceedings of the Information Security Conference (ISC), 2007. BibTeX

@INPROCEEDINGS{Raffetseder_DetectingSystemEmulators_2007, Author = {Thomas Raffetseder and Engin Kirda and Christopher Kruegel}, title = {Detecting System Emulators}, booktitle = {Proceedings of the Information Security Conference (ISC)}, year = {2007} }
Bernhard Riedl and Gernot Goluch and Stefan Poechlinger and Edgar Weippl, "Comparative Literature Review on RFID Security and Privacy," in Proceedings of The 9th International Conference on Information Integration and Web-based Applications and Services (iiWAS2007), 2007. BibTeX

@INPROCEEDINGS{Riedl_ComparativeLiteratureReview_2007, Author = {Bernhard Riedl and Gernot Goluch and Stefan Poechlinger and Edgar Weippl}, title = {Comparative Literature Review on RFID Security and Privacy}, booktitle = {Proceedings of The 9th International Conference on Information Integration and Web-based Applications and Services (iiWAS2007)}, year = {2007} }
Bernhard Riedl and Veronika Grascher and Thomas Neubauer, "Applying a Threshold Scheme to the Pseudonymization of Health Data," in Proceedings of the 13th IEEE Pacific Rim International Symposium on Dependable Computing (PRDC’07), 2007. BibTeX

@INPROCEEDINGS{Riedl_ApplyingThresholdScheme_2007, Author = {Bernhard Riedl and Veronika Grascher and Thomas Neubauer}, title = {Applying a Threshold Scheme to the Pseudonymization of Health Data}, booktitle = {Proceedings of the 13th IEEE Pacific Rim International Symposium on Dependable Computing (PRDC'07)}, year = {2007} }
Bernhard Riedl and Oliver Jorns, "Secure Access to Emergency Data in an e-Health Architecture," in Proceeding of The 9th International Conference on Information Integration and Web-based Applications and Services (iiWAS2007), 2007. BibTeX

@INPROCEEDINGS{Riedl_SecureAccessto_2007, Author = {Bernhard Riedl and Oliver Jorns}, title = {Secure {A}ccess to {E}mergency {D}ata in an {e-H}ealth Architecture}, booktitle = {Proceeding of {T}he 9th {I}nternational {C}onference on {I}nformation {I}ntegration and {W}eb-based {A}pplications and {S}ervices (ii{WAS}2007)}, year = {2007} }
Szabolcs Rozsnyai and Josef Schiefer and Alexander Schatten, "Solution Architecture for Detecting and Preventing Fraud in Real Time," in Proceedings of the The Second International Conference on Digital Information Management (ICDIM07), 2007. BibTeX

@INPROCEEDINGS{Rozsnyai_SolutionArchitectureDetecting_2007, Author = {Szabolcs Rozsnyai and Josef Schiefer and Alexander Schatten}, title = {Solution Architecture for Detecting and Preventing Fraud in Real Time}, booktitle = {Proceedings of the The Second International Conference on Digital Information Management (ICDIM07)}, year = {2007} }
Szabolcs Rozsnyai and Roland Vecera and Josef Schiefer and Alexander Schatten, "Event Cloud – Searching for Correlated Business Events," in Proceedings of the 4th IEEE International Conference on Enterprise Computing, E-Commerce and E-Services (EEE ‘ 07), 2007, pp. 409-420. BibTeX

@INPROCEEDINGS{Rozsnyai_EventCloud_2007, Author = {Szabolcs Rozsnyai and Roland Vecera and Josef Schiefer and Alexander Schatten}, title = {Event Cloud - Searching for Correlated Business Events}, booktitle = {Proceedings of the 4th IEEE International Conference on Enterprise Computing, E-Commerce and E-Services (EEE ' 07)}, year = {2007}, pages = {409--420} }
Edgar R. Weippl and Stefan Fenz and Andreas Ekelhart, "Security Ontologies: How to Improve Understanding of Complex Relationships," in Proceedings of the World Conference on Educational Multimedia, Hypermedia and Telecommunications 2007, 2007, pp. 404-407. BibTeX | PDF

@INPROCEEDINGS{Weippl_SecurityOntologiesHow_2007, Pdf = {2007 - Weippl - Security Ontologies How to Improve Understanding of Complex Relationships.pdf}, author = {{Edgar R.} Weippl and Stefan Fenz and Andreas Ekelhart}, title = {Security Ontologies: How to Improve Understanding of Complex Relationships}, booktitle = {Proceedings of the World Conference on Educational Multimedia, Hypermedia and Telecommunications 2007}, year = {2007}, pages = {404-407} }
Edgar R. Weippl and Bernhard Riedl and Veronika Grascher, "Wikis im Social Web." , 2007, pp. 190-198. BibTeX

@INBOOK{Weippl_EinsatzvonAuditsinWikisanStellevonZugriffskontrollenalssozioorganisatorischeSicherheitsmassnahme_2007, pages = {190--198}, title = {Wikis im {S}ocial {W}eb}, year = {2007}, author = {{Edgar R.} Weippl and Bernhard Riedl and Veronika Grascher} }
Gilbert Wondracek and Paulo Milani Comparetti and Christopher Kruegel and Engin Kirda, "Automatic Network Protocol Analysis," in Proceedings of the Network and Distributed System Security Symposium Conference (NDSS), San Diego 2007, 2007. BibTeX

@INPROCEEDINGS{Wondracek_AutomaticNetworkProtocol_2007, Author = {Gilbert Wondracek and {Paulo Milani} Comparetti and Christopher Kruegel and Engin Kirda}, title = {Automatic {N}etwork {P}rotocol {A}nalysis}, booktitle = {Proceedings of the {N}etwork and {D}istributed {S}ystem {S}ecurity {S}ymposium {C}onference ({NDSS}), {S}an {D}iego 2007}, year = {2007} }
Heng Yin and Dawn Song and Manuel Egele and Christopher Kruegel and Engin Kirda, "Panorama: Capturing System-wide Information Flow for Malware Detection and Analysis," in Proceedings of the 14th ACM Conference on Computer and Communications Security, 2007. BibTeX

@INPROCEEDINGS{Yin_PanoramaCapturingSystemwide_2007, Author = {Heng Yin and Dawn Song and Manuel Egele and Christopher Kruegel and Engin Kirda}, title = {Panorama: {C}apturing {S}ystem-wide {I}nformation {F}low for {M}alware {D}etection and {A}nalysis}, booktitle = {Proceedings of the 14th {ACM} {C}onference on {C}omputer and {C}ommunications {S}ecurity}, year = {2007} }
Edgar R. Weippl, "Security Considerations in M-Learning: Threats and Countermeasures," Advanced Technology for Learning, pp. 1-7, 2007. BibTeX

@ARTICLE{Weippl_SecurityConsiderationsin_2007, Author = {{Edgar R.} Weippl}, title = {Security Considerations in M-Learning: Threats and Countermeasures}, journal = {Advanced Technology for Learning}, year = {2007}, pages = {1--7} }
Edgar R. Weippl, "Dependability in E-Assessment," International Journal on E-Learning, 2007. BibTeX

@ARTICLE{Weippl_DependabilityinEAssessment_2007, Author = {{Edgar R.} Weippl}, title = {Dependability in E-Assessment}, journal = {International Journal on E-Learning}, year = {2007} }
Josef Schiefer and Heinz Roth and Martin Suntinger and Alexander Schatten, "Simulating Business Process Scenarios for event-based Systems," in Proceedings of the 15th European Conference on Information Systems (ECIS 2007), 2007. BibTeX

@INPROCEEDINGS{Schiefer_SimulatingBusinessProcess_2007, Author = {Josef Schiefer and Heinz Roth and Martin Suntinger and Alexander Schatten}, title = {Simulating Business Process Scenarios for event-based Systems}, booktitle = {Proceedings of the 15th European Conference on Information Systems (ECIS 2007)}, year = {2007} }
Josef Schiefer and Szabolcs Rozsnyai and Christian Rauscher and Gerd Saurer, "Event-Driven Rules for Sensing and Responding to Business Situations," in Proceedings of the Inaugural International Conference on Distributed Event-Based Systems (DEBS 2007), 2007. BibTeX

@INPROCEEDINGS{Schiefer_EventDrivenRulesSensing_2007, Author = {Josef Schiefer and Szabolcs Rozsnyai and Christian Rauscher and Gerd Saurer}, title = {Event-Driven Rules for Sensing and Responding to Business Situations}, booktitle = {Proceedings of the Inaugural International Conference on Distributed Event-Based Systems (DEBS 2007)}, year = {2007} }
Khalid Latif and Edgar R. Weippl, "Question Driven Semantics Interpretation for Collaborative Knowledge Engineering and Ontology Reuse," in IEEE International Conference on Information Reuse and Integration, 2007. BibTeX

@INPROCEEDINGS{Latif_QuestionDrivenSemantics_2007, Author = {Khalid Latif and {Edgar R.} Weippl}, title = {Question Driven Semantics Interpretation for Collaborative Knowledge Engineering and Ontology Reuse}, booktitle = {IEEE International Conference on Information Reuse and Integration}, year = {2007} }
Philipp Vogt and Florian Nentwich and Nenad Jovanovic and Christopher Kruegel and Engin Kirda and Giovanni Vigna, "Cross Site Scripting Prevention with Dynamic Data Tainting and Static Analysis," in In Proceedings of 14th Annual Network and Distributed System Security Symposium (NDSS 2007), 2007. BibTeX

@INPROCEEDINGS{Vogt_CrossSiteScripting_2007, Author = {Philipp Vogt and Florian Nentwich and Nenad Jovanovic and Christopher Kruegel and Engin Kirda and Giovanni Vigna}, title = {Cross Site Scripting Prevention with Dynamic Data Tainting and Static Analysis}, booktitle = {In Proceedings of 14th Annual Network and Distributed System Security Symposium (NDSS 2007)}, year = {2007} }
Martin Szydlowski and Christopher Kruegel and Engin Kirda, "Secure Input for Web Applications," in Proceedings of the 23rd Annual Computer Security Applications Conference (ACSAC) 2007, 2007. BibTeX

@INPROCEEDINGS{Szydlowski_SecureInputWeb_2007, Author = {Martin Szydlowski and Christopher Kruegel and Engin Kirda}, title = {Secure {I}nput for {W}eb {A}pplications}, booktitle = {Proceedings of the 23rd {A}nnual {C}omputer {S}ecurity {A}pplications {C}onference ({ACSAC}) 2007}, year = {2007} }
Jörn- Marc Schmidt and Michael Hutter, "Optical and EM Fault-Attacks on CRT-based RSA: Concrete Results," in Proceedings of the Austrochip 2007, 2007, pp. 61-67. BibTeX

@INPROCEEDINGS{Schmidt_OpticalandEM_2007, Author = {J{\"o}rn- Marc Schmidt and Michael Hutter}, title = {{Optical and EM Fault-Attacks on CRT-based RSA: Concrete Results}}, booktitle = {Proceedings of the Austrochip 2007}, year = {2007}, pages = {61--67} }
T. Neubauer and G. Goluch and B. Riedl, "A Research Agenda for Autonomous Business Process Management," in Proceedings of the Second International Conference on Availability, Reliability and Security ARES, 2007. BibTeX

@INPROCEEDINGS{Neubauer_ResearchAgendaAutonomous_2007, Author = {T.~Neubauer and G.~Goluch and B.~Riedl}, title = {A Research Agenda for Autonomous Business Process Management}, booktitle = {{P}roceedings of the {S}econd {I}nternational {C}onference on {A}vailability, {R}eliability and {S}ecurity {ARES}}, year = {2007} }
Thomas Neubauer and Christian Stummer, "Entscheidungsunterstützung für die Auswahl von Softwarekomponenten bei mehrfachen Zielsetzungen," in Tagungsband Wirtschaftsinformatik, 2007. BibTeX

@INPROCEEDINGS{Neubauer_Entscheidungsunterstuetzungfuerdie_2007, Author = {Thomas Neubauer and Christian Stummer}, title = {{E}ntscheidungsunterst{\"u}tzung f{\"u}r die {A}uswahl von {S}oftwarekomponenten bei mehrfachen {Z}ielsetzungen}, booktitle = {Tagungsband Wirtschaftsinformatik}, year = {2007} }
Thomas Neubauer and Bernhard Riedl and Thomas Mueck, "Pseudonymisierung zur sicheren Umsetzung des elektronischen Gesundheitsakts," OCG Journal, 2007. BibTeX

@ARTICLE{Neubauer_Pseudonymisierungzursicheren_2007, Author = {Thomas Neubauer and Bernhard Riedl and Thomas Mueck}, title = {Pseudonymisierung zur sicheren Umsetzung des elektronischen Gesundheitsakts}, journal = {OCG Journal}, year = {2007} }
Andreas Moser and Christopher Kruegel and Engin Kirda, "Limits of Static Analysis for Malware Detection," in Proceedings of the 23rd Annual Computer Security Applications Conference (ACSAC) 2007, 2007. BibTeX | PDF

@INPROCEEDINGS{Moser_LimitsofStatic_2007, Pdf = {Moser_LimitsofStatic_2007.pdf}, author = {Andreas Moser and Christopher Kruegel and Engin Kirda}, title = {Limits of {S}tatic {A}nalysis for {M}alware {D}etection}, booktitle = {Proceedings of the 23rd {A}nnual {C}omputer {S}ecurity {A}pplications {C}onference ({ACSAC}) 2007}, year = {2007} }
Thomas Neubauer and Johannes Heurix, "Multiobjective Decision Support for defining Secure Business Processes," in Proceedings of the Ninth International Conference on Information Integration and Web-based Applications Services, 2007. BibTeX

@INPROCEEDINGS{Neubauer_MultiobjectiveDecisionSupport_2007, Author = {Thomas Neubauer and Johannes Heurix}, title = {Multiobjective Decision Support for defining Secure Business Processes}, booktitle = {Proceedings of the Ninth International Conference on Information Integration and Web-based Applications Services}, year = {2007} }
Thomas Neubauer and Christian Stummer, "Extending Business Process Management to Determine Efficient IT Investments," in Proceedings of the 2007 ACM Symposium on Applied Computing, 2007, pp. 1250-1256. BibTeX

@INPROCEEDINGS{Neubauer_ExtendingBusinessProcess_2007, Author = {Thomas Neubauer and Christian Stummer}, title = {{Extending Business Process Management to Determine Efficient IT Investments}}, booktitle = {Proceedings of the 2007 ACM Symposium on Applied Computing}, year = {2007}, pages = {1250--1256}, journal = {SAC '07} }
Thomas Neubauer and Christian Stummer, "Interactive Decision Support for multiobjective COTS Selection," in Proceedings of the 40th Hawaii International Conference on System Sciences, HICSS2007, 2007. BibTeX

@INPROCEEDINGS{Neubauer_InteractiveDecisionSupport_2007, Author = {Thomas Neubauer and Christian Stummer}, title = {{Interactive Decision Support for multiobjective COTS Selection}}, booktitle = {Proceedings of the 40th Hawaii International Conference on System Sciences, HICSS2007}, year = {2007} }
Andreas Moser and Christopher Kruegel and Engin Kirda, "Exploring Multiple Execution Paths for Malware Analysis," in Proceedinga of the IEEE Symposium on Security and Privacy 2007, 2007. BibTeX

@INPROCEEDINGS{Moser_ExploringMultipleExecution_2007, Author = {Andreas Moser and Christopher Kruegel and Engin Kirda}, title = {Exploring Multiple Execution Paths for Malware Analysis}, booktitle = {Proceedinga of the IEEE Symposium on Security and Privacy 2007}, year = {2007} }
Christian Ludl and Sean McAllister and Engin Kirda and Christopher Kruegel, "On the Effectiveness of Techniques to Detect Phishing Sites," in Proceedings of the Conference on the Detection of Intrusions and Malware \& Vulnerability Assessment (DIMVA)., 2007. BibTeX

@INPROCEEDINGS{Ludl_EffectivenessofTechniques_2007, Author = {Christian Ludl and Sean McAllister and Engin Kirda and Christopher Kruegel}, title = {On the Effectiveness of Techniques to Detect Phishing Sites}, booktitle = {Proceedings of the Conference on the Detection of Intrusions and Malware \& Vulnerability Assessment (DIMVA).}, year = {2007} }
Ulrich Bayer and Andreas Moser and Christopher Kruegel and Engin Kirda, "Dynamic Analysis of Malicious Code," Journal in Computer Virology, 2006. BibTeX

@ARTICLE{Bayer_DynamicAnalysisof_2006, Author = {Ulrich Bayer and Andreas Moser and Christopher Kruegel and Engin Kirda}, title = {Dynamic Analysis of Malicious Code}, journal = {Journal in Computer Virology}, year = {2006}, booktitle = {Journal in Computer Virology} }
Edgar R. Weippl, "On the Use of Test Centers in e-Assessment," eLearning Reports, 2006. BibTeX

@ARTICLE{Weippl_UseofTest_2006, Author = {Edgar R. Weippl}, title = {On the Use of Test Centers in e-Assessment}, journal = {eLearning Reports}, year = {2006} }
Thomas Neubauer and Edgar R. Weippl and Arno Hollosi, "Digitale PDF-Signaturen mit der Bürgerkarte," in Proceedings of D-A-CH Security 2006, 2006. BibTeX

@INPROCEEDINGS{Neubauer_DigitalePDFSignaturenmit_2006, Author = {Thomas Neubauer and {Edgar R.} Weippl and Arno Hollosi}, title = {Digitale {P}{D}{F}-{S}ignaturen mit der {B}\"urgerkarte}, booktitle = {Proceedings of D-A-CH Security 2006}, year = {2006} }
Stefan Kals and Engin Kirda and Christopher Kruegel and Nenad Jovanovic, "SecuBat: A Web Vulnerability Scanner," in Proceedings of The 15th International World Wide Web Conference (WWW 2006), 2006. BibTeX

@INPROCEEDINGS{Kals_SecuBatWebVulnerability_2006, Author = {Stefan Kals and Engin Kirda and Christopher Kruegel and Nenad Jovanovic}, title = {SecuBat: A Web Vulnerability Scanner}, booktitle = {Proceedings of The 15th International World Wide Web Conference (WWW 2006)}, year = {2006} }
Edgar R. Weippl, "Handbook of Research on Mobile Multimedia." , 2006, pp. 22-37. BibTeX

@INBOOK{Weippl_Chapter3SecurityandTrustinMobileMultimedia_2006, pages = {22--37}, title = {Handbook of Research on Mobile Multimedia}, year = {2006}, author = {{Edgar R.} Weippl} }
Edgar R. Weippl and Andreas Holzinger and A Min Tjoa, "Security Aspects of Ubiquitous Computing in Health Care," e\&i, pp. 156-161, 2006. BibTeX

@ARTICLE{Weippl_SecurityAspectsof_2006, Author = {{Edgar R.} Weippl and Andreas Holzinger and {A Min} Tjoa}, title = {Security Aspects of Ubiquitous Computing in Health Care}, journal = {e\&i}, year = {2006}, pages = {156--161} }
Ulrich Bayer and Christopher Kruegel and Engin Kirda, "TTAnalyze: A Tool for Analyzing Malware," in Proceedings of the 15th European Institute for Computer Antivirus Research (EICAR 2006) Annual Conference, 2006. BibTeX

@INPROCEEDINGS{Bayer_TTAnalyzeToolAnalyzing_2006, Author = {Ulrich Bayer and Christopher Kruegel and Engin Kirda}, title = {TTAnalyze: A Tool for Analyzing Malware}, booktitle = {Proceedings of the 15th European Institute for Computer Antivirus Research (EICAR 2006) Annual Conference}, year = {2006} }
Edgar R. Weippl and Jamil Wahbeh, "Mobile Multimedia: Communication Engineering Perspective." , 2006, pp. 101-116. BibTeX

@INBOOK{Weippl_SecuringMobileCommunicationRADIUSinaWindowsEnvironment_2006, pages = {101--116}, title = {Mobile Multimedia: Communication Engineering Perspective}, year = {2006}, author = {{Edgar R.} Weippl and Jamil Wahbeh} }
Dietmar Winkler and Ramona Varvaroi and Gernot Goluch and Stefan Biffl, "An Empirical Study On Integrating Analytical Quality Assurance Into Pair Programming," in Proceedings of 5th ACM-IEEE International Symposium on Empirical Software Engineering, 2006. BibTeX

@INPROCEEDINGS{Winkler_EmpiricalStudyIntegrating_2006, Author = {Dietmar Winkler and Ramona Varvaroi and Gernot Goluch and Stefan Biffl}, title = {An Empirical Study On Integrating Analytical Quality Assurance Into Pair Programming}, booktitle = {Proceedings of 5th ACM-IEEE International Symposium on Empirical Software Engineering}, year = {2006} }
Edgar R. Weippl and Mathias Strasser, "Sarbanes-Oxley Act Compliance: Strategies for Implementing a Audit Committee Complaints Procedure," Information Systems Control Journal, 2006. BibTeX

@ARTICLE{Weippl_SarbanesOxleyActCompliance_2006, Author = {{Edgar R.} Weippl and Mathias Strasser}, title = {Sarbanes-Oxley Act Compliance: Strategies for Implementing a Audit Committee Complaints Procedure}, journal = {Information Systems Control Journal}, year = {2006} }
Patrick Klinkoff and Christopher Kruegel and Engin Kirda and Giovanni Vigna, "Extending .NET Security to Unmanaged Code," in In Proceedings of the 9th Information Security Conference (ISC 2006), 2006. BibTeX

@INPROCEEDINGS{Klinkoff_Extending.NETSecurity_2006, Author = {Patrick Klinkoff and Christopher Kruegel and Engin Kirda and Giovanni Vigna}, title = {Extending .NET Security to Unmanaged Code}, booktitle = {In Proceedings of the 9th Information Security Conference (ISC 2006)}, year = {2006} }
Edgar R. Weippl, "Addressing the Weakest Link: How to improve teaching of IT security," in Proceedings of ED-MEDIA 2006, 2006. BibTeX

@INPROCEEDINGS{Weippl_AddressingWeakestLink_2006, Author = {Edgar R. Weippl}, title = {Addressing the Weakest Link: How to improve teaching of IT security}, booktitle = {Proceedings of ED-MEDIA 2006}, year = {2006} }
Edgar R. Weippl and Markus Klemen, "Enterprise Information Systems Assurance and System Security: Managerial and Technical Issues." , 2006. BibTeX

@INBOOK{Weippl_ImplementingITSecurityforSmallandMediumSizedEnterprises_2006, title = {Enterprise Information Systems Assurance and System Security: Managerial and Technical Issues}, year = {2006}, author = {{Edgar R.} Weippl and Markus Klemen} }
Engin Kirda and Christopher Kruegel and Greg Banks and Giovanni Vigna and Richard A. Kemmerer, "Behavior-Based Spyware Detection," in Proceedings of USENIX Security ’06, 2006. BibTeX

@INPROCEEDINGS{Kirda_BehaviorBasedSpywareDetection_2006, Author = {Engin Kirda and Christopher Kruegel and Greg Banks and Giovanni Vigna and Richard A. Kemmerer}, title = {Behavior-Based Spyware Detection}, booktitle = {Proceedings of USENIX Security '06}, year = {2006} }
Nenad Jovanovic and Engin Kirda and Christopher Kruegel, "Preventing Cross Site Request Forgery Attacks," in In Proceedings of IEEE International Conference on Security and Privacy in Communication Networks (SecureComm), 2006. BibTeX

@INPROCEEDINGS{Jovanovic_PreventingCrossSite_2006, Author = {Nenad Jovanovic and Engin Kirda and Christopher Kruegel}, title = {Preventing Cross Site Request Forgery Attacks}, booktitle = {In Proceedings of IEEE International Conference on Security and Privacy in Communication Networks (SecureComm)}, year = {2006} }
Andreas Ekelhart and Stefan Fenz and Markus D. Klemen and A Min Tjoa and Edgar R. Weippl, "Ontology-based Business Knowledge for Simulating Threats to Corporate Assets," in Practical Aspects of Knowledge Management, 6th International Conference, PAKM 2006, 2006, pp. 37-48. BibTeX | PDF

@INPROCEEDINGS{Ekelhart_OntologybasedBusinessKnowledge_2006, Pdf = {2006 - Ekelhart - Ontology-based Business Knowledge for Simulating Threats to Corporate Assets.pdf}, author = {Andreas Ekelhart and Stefan Fenz and {Markus D.} Klemen and {A Min} Tjoa and {Edgar R.} Weippl}, title = {Ontology-based Business Knowledge for Simulating Threats to Corporate Assets}, booktitle = {Practical Aspects of Knowledge Management, 6th International Conference, PAKM 2006}, year = {2006}, pages = {37-48} }
Andreas Ekelhart and Stefan Fenz and Markus Klemen and Edgar R. Weippl, "Security Ontology: Simulating Threats to Corporate Assets," in Information Systems Security, Second International Conference, ICISS 2006, 2006, pp. 249-259. BibTeX | PDF

@INPROCEEDINGS{Ekelhart_SecurityOntologySimulating_2006, Pdf = {2006 - Ekelhart - Security Ontology Simulating Threats to Corporate Assets.pdf}, author = {Andreas Ekelhart and Stefan Fenz and Markus Klemen and {Edgar R.} Weippl}, title = {Security Ontology: Simulating Threats to Corporate Assets}, booktitle = {Information Systems Security, Second International Conference, ICISS 2006}, year = {2006}, pages = {249-259} }
Thomas Neubauer and Markus Klemen and Stefan Biffl, "Secure Business Process Management: A Roadmap," in Proceedings of the First International Conference on Availability, Reliability and Security ARES, 2006, pp. 457-464. BibTeX

@INPROCEEDINGS{Neubauer_SecureBusinessProcess_2006, Author = {Thomas Neubauer and Markus Klemen and Stefan Biffl}, title = {Secure {B}usiness {P}rocess {M}anagement: {A} {R}oadmap}, booktitle = {{P}roceedings of the {F}irst {I}nternational {C}onference on {A}vailability, {R}eliability and {S}ecurity {ARES}}, year = {2006}, pages = {457--464}, journal = {I{EEE} {P}roceedings of the {F}irst {I}nternational {C}onference on {A}vailability, {R}eliability and {S}ecurity {ARES} 2006} }
T. Neubauer and Christian Stummer and Edgar Weippl, "Workshop-based Multiobjective Security Safeguard Selection," in Proceedings of the First International Conference on Availability, Reliability and Security ARES, 2006, pp. 366-373. BibTeX

@INPROCEEDINGS{Neubauer_WorkshopbasedMultiobjectiveSecurity_2006, Author = {T. Neubauer and Christian Stummer and Edgar Weippl}, title = {Workshop-based {M}ultiobjective {S}ecurity {S}afeguard {S}election}, booktitle = {{P}roceedings of the {F}irst {I}nternational {C}onference on {A}vailability, {R}eliability and {S}ecurity {ARES}}, year = {2006}, pages = {366--373}, journal = {I{EEE} {P}roceedings of the {F}irst {I}nternational {C}onference on {A}vailability, {R}eliability and {S}ecurity ({ARES} 2006)} }
Stefan Fenz and Edgar R. Weippl, "Ontology-based IT-Security Planning," in Proceedings of the 12th Pacific Rim International Symposium on Dependable Computing, PRDC2006, 2006, pp. 389-390. BibTeX | PDF

@INPROCEEDINGS{Fenz_OntologybasedITSecurityPlanning_2006, Pdf = {2006 - Fenz - Ontology-based IT Security Planning.pdf}, author = {Stefan Fenz and {Edgar R.} Weippl}, title = {Ontology-based IT-Security Planning}, booktitle = {Proceedings of the 12th Pacific Rim International Symposium on Dependable Computing, PRDC2006}, year = {2006}, pages = {389-390} }
Thomas Neubauer and Edgar R. Weippl and Stefan Biffl, "Digital Signatures with Familiar Appearance for e-Government Documents: Authentic PDF," in Proceedings of the International Conference on Availability, Reliability and Security (ARES’06), 2006, pp. 723-731. BibTeX

@INPROCEEDINGS{Neubauer_DigitalSignatureswith_2006, Author = {Thomas Neubauer and {Edgar R.} Weippl and Stefan Biffl}, title = {Digital Signatures with Familiar Appearance for e-Government Documents: Authentic PDF}, booktitle = {Proceedings of the International Conference on Availability, Reliability and Security (ARES'06)}, year = {2006}, pages = {723-731} }
Gernot Goluch and Edgar R. Weippl, "Nichtabstreitbarkeit und Audits in ELearning," in IRIS 2006, 2006. BibTeX

@INPROCEEDINGS{Goluch_NichtabstreitbarkeitundAudits_2006, Author = {Gernot Goluch and {Edgar R.} Weippl}, title = {Nichtabstreitbarkeit und Audits in ELearning}, booktitle = {IRIS 2006}, year = {2006} }
Manuel Egele and Martin Szydlowski and Engin Kirda and Christopher Kruegel, "Using Static Program Analysis to Aid Intrusion Detection," in Proceedings of Detection of Intrusions and Malware and Vulnerability Assessment, 2006. BibTeX

@INPROCEEDINGS{Egele_UsingStaticProgram_2006, Author = {Manuel Egele and Martin Szydlowski and Engin Kirda and Christopher Kruegel}, title = {Using Static Program Analysis to Aid Intrusion Detection}, booktitle = {Proceedings of Detection of Intrusions and Malware and Vulnerability Assessment}, year = {2006} }
Nenad Jovanovic and Christopher Kruegel and Engin Kirda, "Pixy: A Static Analysis Tool for Detecting Web Application Vulnerabilities (Short Paper).," in Proceedings of the IEEE Symposium on Security and Privacy 2006, 2006. BibTeX

@INPROCEEDINGS{Jovanovic_PixyStaticAnalysis_2006, Author = {Nenad Jovanovic and Christopher Kruegel and Engin Kirda}, title = {Pixy: A Static Analysis Tool for Detecting Web Application Vulnerabilities (Short Paper).}, booktitle = {Proceedings of the IEEE Symposium on Security and Privacy 2006}, year = {2006} }
Edgar R. Weippl, "Dependability in E-Assessment," in Proceedings of ED-MEDIA 2005, 2005. BibTeX

@INPROCEEDINGS{Weippl_DependabilityinEAssessment_2005, Author = {Edgar R. Weippl}, title = {Dependability in E-Assessment}, booktitle = {Proceedings of ED-MEDIA 2005}, year = {2005} }
Edgar R. Weippl and A Min Tjoa, "Privacy in E-Learning: Anonymity, Pseudonyms and Authenticated Usage," Interactive Technology and Smart Education (ITSE), pp. 247-256, 2005. BibTeX

@ARTICLE{Weippl_PrivacyinELearning_2005, Author = {{Edgar R.} Weippl and {A Min} Tjoa}, title = {Privacy in E-Learning: Anonymity, Pseudonyms and Authenticated Usage}, journal = {Interactive Technology and Smart Education (ITSE)}, year = {2005}, pages = {247--256} }
Edgar Weippl and A Min Tjoa, "Privacy in E-learning: How to Implement Anonymity," in Proceedings the 3rd ACS/IEEE International Conference on Computer Systems and Applications (AICCSA-05), Workshop on E-Learning Online Communities (eLOC), 2005. BibTeX

@INPROCEEDINGS{Weippl_PrivacyinElearning_2005a, Author = {Edgar Weippl and {A Min} Tjoa}, title = {Privacy in E-learning: How to Implement Anonymity}, booktitle = {Proceedings the 3rd ACS/IEEE International Conference on Computer Systems and Applications (AICCSA-05), Workshop on E-Learning Online Communities (eLOC)}, year = {2005} }
Edgar Weippl and Markus D. Klemen and Manfred Linnert and Stefan Fenz and Gernot Goluch and A Min Tjoa, "Semantic Storage: A Report on Performance and Flexibility," in Database and Expert Systems Applications, 16th International Conference, DEXA 2005, 2005, pp. 586-595. BibTeX | PDF

@INPROCEEDINGS{Weippl_SemanticStorageReport_2005, Pdf = {2005 - Weippl - Semantic Storage A Report on Performance and Flexibility:2005 - Weippl - Semantic Storage A Report on Performance and Flexibility.pdf}, author = {Edgar Weippl and {Markus D.} Klemen and Manfred Linnert and Stefan Fenz and Gernot Goluch and {A Min} Tjoa}, title = {Semantic Storage: A Report on Performance and Flexibility}, booktitle = {Database and Expert Systems Applications, 16th International Conference, DEXA 2005}, year = {2005}, pages = {586-595} }
Edgar R. Weippl and Markus D. Klemen and Stefan Fenz and Andreas Ekelhart and A Min Tjoa, "The Semantic Desktop: A Semantic Personal Information Management System based on RDF and Topic Maps," in Proceedings of the ODBIS Workshop, 31st International Conference on Very Large Data Bases (VLDB) 2005, 2005, pp. 135-151. BibTeX | PDF

@INPROCEEDINGS{Weippl_SemanticDesktopSemantic_2005, Pdf = {2005 - Weippl - The Semantic Desktop.pdf}, author = {{Edgar R.} Weippl and {Markus D.} Klemen and Stefan Fenz and Andreas Ekelhart and {A Min} Tjoa}, title = {The Semantic Desktop: A Semantic Personal Information Management System based on RDF and Topic Maps}, booktitle = {Proceedings of the ODBIS Workshop, 31st International Conference on Very Large Data Bases (VLDB) 2005}, year = {2005}, pages = {135-151} }
Tho Manh Nguyen and Peter Brezany and A Min Tjoa and Edgar R. Weippl, "Toward a Grid-Based Zero-Latency Data Warehousing Implementation for Continuous Data Streams Processing," International Journal of Data Warehousing and Mining, pp. 22-55, 2005. BibTeX

@ARTICLE{Nguyen_TowardGridBasedZeroLatency_2005, Author = {{Tho Manh} Nguyen and Peter Brezany and {A Min Tjoa} and {Edgar R.} Weippl}, title = {Toward a Grid-Based Zero-Latency Data Warehousing Implementation for Continuous Data Streams Processing}, journal = {International Journal of Data Warehousing and Mining}, year = {2005}, pages = {22-55} }
Hakan Kalinyaprak and Gerald Futschek and Georg Blaha and Edgar R. Weippl, "E-Learning without Text and Language: A Language-Free Learning Model," in Proceedings of EDMEDIA 2005, 2005. BibTeX

@INPROCEEDINGS{Kalinyaprak_ELearningwithoutText_2005, Author = {Hakan Kalinyaprak and Gerald Futschek and Georg Blaha and {Edgar R.} Weippl}, title = {E-Learning without Text and Language: A Language-Free Learning Model}, booktitle = {Proceedings of EDMEDIA 2005}, year = {2005} }
Edgar R. Weippl, "Encyclopedia of E-Commerce, E-Government and Mobile Commerce." , 2005, pp. 135-140. BibTeX

@INBOOK{Weippl_ComputerSecurityintheContextofELearning_2005, pages = {135--140}, title = {Encyclopedia of E-Commerce, E-Government and Mobile Commerce}, year = {2005}, author = {{Edgar R.} Weippl} }
Eva Gahleitner and Wernher Behrendt and Juergen Palkoska and Edgar R. Weippl, "On Cooperatively Creating Dynamic Ontologies," in Proceedings of the 16th ACM Conference on Hypertext and Hypermedia, 2005. BibTeX

@INPROCEEDINGS{Gahleitner_CooperativelyCreatingDynamic_2005, Author = {Eva Gahleitner and Wernher Behrendt and Juergen Palkoska and Edgar R. Weippl}, title = {On Cooperatively Creating Dynamic Ontologies}, booktitle = {Proceedings of the 16th ACM Conference on Hypertext and Hypermedia}, year = {2005} }
Edgar R. Weippl, "On the Use of Test Centers in E-Assessment," published in elearningreports.com, 2005. BibTeX

@ARTICLE{Weippl_UseofTest_2005, Author = {{Edgar R.} Weippl}, title = {On the Use of Test Centers in E-Assessment}, journal = {published in elearningreports.com}, year = {2005} }
Stefan Biffl and Bettina Thurnher and Gernot Goluch and Dietmar Winkler and Wolfgang Aigner and Silvia Miksch, "An Empirical investigation on the Visualization of Temporal Uncertainties in Software Engineering Project Planning," in Proceedings of 5th ACM-IEEE International Symposium on Empirical Software Engineering, 2005. BibTeX

@INPROCEEDINGS{Biffl_EmpiricalinvestigationVisualization_2005, Author = {Stefan Biffl and Bettina Thurnher and Gernot Goluch and Dietmar Winkler and Wolfgang Aigner and Silvia Miksch}, title = {An Empirical investigation on the Visualization of Temporal Uncertainties in Software Engineering Project Planning}, booktitle = {Proceedings of 5th ACM-IEEE International Symposium on Empirical Software Engineering}, year = {2005} }
T. Neubauer and M. Klemen and S. Biffl, "Business Process-based Valuation of IT-Security," in International ACM Conference on Software Engineering, Proceedings of the seventh international workshop on economics-driven software engineering research (EDSER’05), 2005. BibTeX

@INPROCEEDINGS{Neubauer_BusinessProcessbasedValuation_2005, Author = {T. Neubauer and M. Klemen and S. Biffl}, title = {Business {P}rocess-based {V}aluation of {IT}-{S}ecurity}, booktitle = {International {ACM} {C}onference on {S}oftware {E}ngineering, {P}roceedings of the seventh international workshop on economics-driven software engineering research ({EDSER}'05)}, year = {2005} }
Edgar R. Weippl, "Non-Repudiation and Audits in E-Learning, invited paper," in Proceedings of E-Learn 2005, 2005, pp. 1785-1790. BibTeX

@INPROCEEDINGS{Weippl_NonRepudiationandAudits_2005, Author = {{Edgar R.} Weippl}, title = {Non-Repudiation and Audits in E-Learning, invited paper}, booktitle = {Proceedings of E-Learn 2005}, year = {2005}, pages = {1785--1790} }
Edgar R. Weippl, Security in E-Learning, , 2005. BibTeX

@BOOK{Weippl_SecurityinELearning_2005b, title = {Security in E-Learning}, year = {2005}, author = {{Edgar R.} Weippl} }
Edgar R. Weippl, "Security in E-Learning," ACM ELearn Magazine, 2005. BibTeX

@ARTICLE{Weippl_SecurityinELearning_2005, Author = {Edgar R. Weippl}, title = {Security in E-Learning}, journal = {ACM ELearn Magazine}, year = {2005} }
Thomas Neubauer and Stefan Biffl, "Geschäftsprozessmanagement -Eine empirische Studie zum Status quo in Österreich, der Schweiz und Deutschland," OCG Journal, 2005. BibTeX

@ARTICLE{Neubauer_GeschaftsprozessmanagementEineempirische_2005, Author = {Thomas Neubauer and Stefan Biffl}, title = {Gesch\"aftsprozessmanagement -{E}ine empirische {S}tudie zum {S}tatus quo in \"Osterreich, der {S}chweiz und {D}eutschland}, journal = {O{CG} {J}ournal}, year = {2005} }
Edgar R. Weippl, "The Handbook of Information Security." , 2005. BibTeX

@INBOOK{Weippl_SecurityinELearning_2005a, title = {The Handbook of Information Security}, year = {2005}, author = {{Edgar R.} Weippl} }
Muhammad Asfand-e-yar and Amin Anjomshoaa and Edgar R. Weippl and A Min Tjoa, "Security in Mobile Multimedia," Journal of Communication Engineering, pp. 59-69, 2004. BibTeX | PDF

@ARTICLE{weippl_ax_2010_ontologyLicense, Author = {Muhammad Asfand-e-yar and Amin Anjomshoaa and {Edgar R.} Weippl and {A Min } Tjoa }, title = {Exploiting Ontology for Software License Agreements}, journal = {International Journal of Software and Informatics }, year = {2010}, pages = {1--12}, pdf = {Papers/Weippl/ax_2010_ontologyLicense.pdf}, title = {Security in Mobile Multimedia}, journal = {Journal of Communication Engineering}, year = {2004}, pages = {59--69}, pdf = {Papers/Weippl/ag_2004_weippl.pdf} }
T. Neubauer, "Value-Based Decision Support in Software Engineering," in Proceedings of the Alpine Software Engineering Workshop 2004, 2004. BibTeX

@INPROCEEDINGS{Neubauer_ValueBasedDecisionSupport_2004, Author = {T.~Neubauer}, title = {Value-{B}ased {D}ecision {S}upport in {S}oftware {E}ngineering}, booktitle = {Proceedings of the Alpine {S}oftware {E}ngineering {W}orkshop 2004}, year = {2004} }
Wolfgang Essmayr and Stefan Probst and Edgar R. Weippl, "Role-Based Access Controls: Status, Dissemination, and Prospects for Generic Security Mechanisms," International Journal of Electronic Commerce Research, pp. 127-156, 2004. BibTeX | PDF

@article{weippl_ae, Author = {Wolfgang Essmayr and Stefan Probst and {Edgar R.} Weippl}, title = {Role-Based Access Controls: Status, Dissemination, and Prospects for Generic Security Mechanisms}, journal = {International Journal of Electronic Commerce Research}, year = {2004}, pages = {127--156}, pdf = {Papers/Weippl/ae_2002_essmayr.pdf} }
Edgar R. Weippl and Ludwig Klug and Wolfgang Essmayr, "A New Approach to Secure Federated Information Bases using Agent Technology," Journal of Database Management, Kluwer, pp. 48-68, 2003. BibTeX | PDF

@article{weippl_af, Author = {{Edgar R.} Weippl and Ludwig Klug and Wolfgang Essmayr}, title = {A New Approach to Secure Federated Information Bases using Agent Technology}, journal = {Journal of Database Management, Kluwer}, year = {2003}, pages = {48--68}, pdf = {Papers/Weippl/af_2002_JDM.pdf} }
Edgar R. Weippl and Wolfgang Essmayr, "Personal Trusted Devices for web services: Revisiting Multilevel Security," Mobile Networks and Applications, Kluwer, pp. 151-157, 2003. BibTeX | PDF

@article{weippl_aa, Author = {{Edgar R.} Weippl and Wolfgang Essmayr}, title = {Personal Trusted Devices for web services: Revisiting Multilevel Security}, journal = {Mobile Networks and Applications, Kluwer}, year = {2003}, pages = {151--157}, pdf = {Papers/Weippl/aa_weippl_monet_121.pdf} }
Edgar Weippl, "The Transition from E-commerce to M-commerce: Why Security should be the enabling technology," Journal of Information Technology Theory and Application (JITTA), pp. 17-19, 2001. BibTeX

@ARTICLE{weippl_ga, Author = {Edgar Weippl}, title = {The Transition from E-commerce to M-commerce: Why Security should be the enabling technology}, journal = {Journal of Information Technology Theory and Application (JITTA)}, year = {2001}, pages = {17--19} }
Wolfgang Essmayr and Edgar Weippl, "Identity Mapping: An Approach to Unravel Enterprise Security Management Policies," in Proceedings of the 16th IFIP World Computer Congress, 2000. BibTeX

@INPROCEEDINGS{weippl_bl, Author = {Wolfgang Essmayr and Edgar Weippl}, title = {Identity Mapping: An Approach to Unravel Enterprise Security Management Policies}, booktitle = {Proceedings of the 16th IFIP World Computer Congress}, year = {2000} }
Edgar Weippl and Wolfgang Essmayr, "Fine Grained Replication in Distributed Databases: A Taxonomy and Practical Considerations," in Proceedings of the 11th International Conference on Database and Expert Systems Applications (DEXA), 2000. BibTeX | PDF

@INPROCEEDINGS{weippl_bk, Author = {Edgar Weippl and Wolfgang Essmayr}, title = {Fine Grained Replication in Distributed Databases: A Taxonomy and Practical Considerations}, booktitle = {Proceedings of the 11th International Conference on Database and Expert Systems Applications (DEXA)}, year = {2000}, pdf = {Papers\Weippl\bk_2000_dexa.pdf} }
Edgar Weippl and Hans Lohninger, "Knowledge Landscapes: A VR Interface for CBT Knowledge Bases," in 10th European-Japanese Conference on Information Modeling and Knowledge Bases, 2000. BibTeX

@INPROCEEDINGS{weippl_bm, Author = {Edgar Weippl and Hans Lohninger}, title = {Knowledge Landscapes: A VR Interface for CBT Knowledge Bases}, booktitle = {10th European-Japanese Conference on Information Modeling and Knowledge Bases}, year = {2000} }
Edgar Weippl and Hans Lohninger, "Teach/Me: Leveraging CBT-Course Efficiency Using Improved User Interfaces," in Proceedings of the International Conference on Information and Communication Technologies for Education (EDICT), 2000, pp. 355-362. BibTeX

@INPROCEEDINGS{weippl_bj, Author = {Edgar Weippl and Hans Lohninger}, title = {Teach/Me: Leveraging CBT-Course Efficiency Using Improved User Interfaces}, booktitle = {Proceedings of the International Conference on Information and Communication Technologies for Education (EDICT)}, year = {2000}, pages = {355--362} }
Edgar Weippl and Hans Lohninger, "Evaluating CBT Software Usage in Schools and Universities," in Proceedings of the 19th IDCE World Conference On Open Learning And Distance Education, 1999. BibTeX

@INPROCEEDINGS{weippl_bo, Author = {Edgar Weippl and Hans Lohninger}, title = {Evaluating CBT Software Usage in Schools and Universities}, booktitle = {Proceedings of the 19th IDCE World Conference On Open Learning And Distance Education}, year = {1999} }
Edgar Weippl and Hans Lohninger, "Special Requirements for Information Visualization in CBT," in Proceedings of Edu+Compugraphics 97, 1997, pp. 133-139. BibTeX

@INPROCEEDINGS{weippl_bp, Author = {Edgar Weippl and Hans Lohninger}, title = {Special Requirements for Information Visualization in CBT}, booktitle = {Proceedings of Edu+Compugraphics 97}, year = {1997}, pages = {133--139} }