Publications

Here you can find a selection of current publications at SBA Research:

  • Johanna Ullrich and Tanja Szeby and Joachim Fabini and Edgar R. Weippl, "Network-Based Secret Communication in Clouds: A Survey," IEEE Communications Surveys & Tutorials, 2017. BibTeX | PDF
    @ARTICLE{Ullrich2017NetworkBased,
      Author = {Johanna Ullrich and Tanja Szeby and Joachim Fabini and {Edgar R.} Weippl},
      sbahotlist = {true},
      title = {Network-Based Secret Communication in Clouds: A Survey},
      journal = {IEEE Communications Surveys & Tutorials},
      year = {2017},
      month = {0},
      pdf = {https://www.sba-research.org/wp-content/uploads/publications/secretCloud_2017.pdf},
      }
  • Katharina Krombholz and Thomas Hupperich and Thorsten Holz, "May the Force be with You: The Future of Force-Sensitive Authentication," Journal of Internet Computing, Special Issue of Usable Security and privacy, 2017. BibTeX
    @ARTICLE{Krombholz2017Force,
      Author = {Katharina Krombholz and Thomas Hupperich and Thorsten Holz},
      sbahotlist = {true},
      title = {May the Force be with You: The Future of Force-Sensitive Authentication},
      journal = {Journal of Internet Computing, Special Issue of Usable Security and privacy},
      year = {2017},
      month = {0},
      }
  • Georg Merzdovnik and Markus Huber and Damjan Buhov and Nick Nikiforakis and Sebastian Neuner and Martin Schmiedecker and Edgar R. Weippl, "Block Me If You Can: A Large-Scale Study of Tracker-Blocking Tools," in 2nd IEEE European Symposium on Security and Privacy (Euro S&P), 2017. BibTeX | PDF
    @INPROCEEDINGS{Merzdovnik2017,
      Author = {Georg Merzdovnik and Markus Huber and Damjan Buhov and Nick Nikiforakis and Sebastian Neuner and Martin Schmiedecker and {Edgar R.} Weippl},
      sbahotlist = {true},
      title = {Block Me If You Can: A Large-Scale Study of Tracker-Blocking Tools},
      booktitle = {2nd IEEE European Symposium on Security and Privacy (Euro S&P)},
      year = {2017},
      month = {0},
      pdf = {https://www.sba-research.org/wp-content/uploads/publications/block_me_if_you_can.pdf},
      }
  • Nathan Burow and Scott A. Carr and Joseph Nash and Per Larsen and Michael Franz and Stefan Brunthaler and Mathias Payer, "Control-Flow Integrity: Precision, Security, and Performance," ACM Computing Surveys (CSUR), vol. 50, 2017. BibTeX | PDF
    @ARTICLE{Burow2017ControlFlow,
      Author = {Nathan Burow and Scott A. Carr and Joseph Nash and Per Larsen and Michael Franz and Stefan Brunthaler and Mathias Payer},
      sbahotlist = {true},
      title = {Control-Flow Integrity: Precision, Security, and Performance},
      journal = {ACM Computing Surveys (CSUR)},
      year = {2017},
      month = {4},
      pdf = {https://www.sba-research.org/wp-content/uploads/publications/CFI_brunthaler.pdf},
      volume = {50},
      }
  • Katharina Krombholz and Wilfried Mayer and Martin Schmiedecker and Edgar R. Weippl, ""I Have No Idea What I’m Doing" – On the Usability of Deploying HTTPS," in 26th USENIX Security Symposium (USENIX Security 2017), 2017. BibTeX | PDF
    @INPROCEEDINGS{Krombholz2017Have,
      Author = {Katharina Krombholz and Wilfried Mayer and Martin Schmiedecker and {Edgar R.} Weippl},
      sbahotlist = {true},
      title = {"I Have No Idea What I'm Doing" - On the Usability of Deploying HTTPS},
      booktitle = {26th USENIX Security Symposium (USENIX Security 2017)},
      year = {2017},
      month = {8},
      pdf = {https://www.sba-research.org/wp-content/uploads/publications/usenixTLSpreprint.pdf},
      }
  • Alexei Zamyatin and K. Wolter and S. Werner and C.E.A. Mulligan and P.G. Harrison and W.J. Knottenbelt, "Swimming with Fishes and Sharks: Beneath the Surface of Queue-based Ethereum Mining Pools," in 25th IEEE International Symposium on the Modeling, Analysis, and Simulation of Computer and Telecommunication Systems (MASCOTS 2017), 2017. BibTeX
    @INPROCEEDINGS{Zamyatin2017Swimming,
      Author = {Alexei Zamyatin and K. Wolter and S. Werner and {C.E.A.} Mulligan and {P.G.} Harrison and {W.J.} Knottenbelt},
      sbahotlist = {true},
      title = {Swimming with Fishes and Sharks: Beneath the Surface of Queue-based Ethereum Mining Pools},
      booktitle = {25th IEEE International Symposium on the Modeling, Analysis, and Simulation of Computer and Telecommunication Systems (MASCOTS 2017)},
      year = {2017},
      month = {9},
      }
  • Tomasz Miksa and Andreas Rauber and Eleni Mina, "Identifying Impact of Software Dependencies on Replicability of Biomedical Workflows," Journal of Biomedical Informatics, 2016. BibTeX | PDF
    @ARTICLE{Miksa2016Identifying,
      Author = {Tomasz Miksa and Andreas Rauber and Eleni Mina},
      sbahotlist = {true},
      title = {Identifying Impact of Software Dependencies on Replicability of Biomedical Workflows},
      journal = {Journal of Biomedical Informatics},
      year = {2016},
      month = {11},
      pdf = {http://www.sciencedirect.com/science/article/pii/S1532046416301484},
      }

View all publications

article

  • Peter Kieseberg and Peter Fruehwirt and Sebastian Schrittwieser, "Security Testing for Mobile Applications," ERCIM News, vol. 109, pp. 52-53, 2017. BibTeX | PDF
    @ARTICLE{Kieseberg2017Security,
      Author = {Peter Kieseberg and Peter Fruehwirt and Sebastian Schrittwieser},
      title = {Security Testing for Mobile Applications},
      journal = {ERCIM News},
      year = {2017},
      month = {4},
      pdf = {Pages from EN109-web.pdf},
      volume = {109},
      pages = {52--53},
      }
  • Aljosha Judmayer and Nicholas Stifter and Katharina Krombholz and Edgar R. Weippl, "Blocks and Chains: Introduction to Bitcoin, Cryptocurrencies, and Their Consensus Mechanisms," Synthesis Lectures on Information Security, Privacy, and Trust, 2017. BibTeX | PDF
    @ARTICLE{Judmayer2017Blocks,
      Author = {Aljosha Judmayer and Nicholas Stifter and Katharina Krombholz and {Edgar R.} Weippl},
      title = {Blocks and Chains: Introduction to Bitcoin, Cryptocurrencies, and Their Consensus Mechanisms},
      journal = {Synthesis Lectures on Information Security, Privacy, and Trust},
      year = {2017},
      month = {0},
      pdf = {https://doi.org/10.2200/S00773ED1V01Y201704SPT020},
      }
  • Peter Kieseberg and Edgar R. Weippl and Sebastian Schrittwieser, "Forensics using Internal Database Structures," ERCIM News, vol. 108, 2017. BibTeX | PDF
    @ARTICLE{Kieseberg2017Forensics,
      Author = {Peter Kieseberg and {Edgar R.} Weippl and Sebastian Schrittwieser},
      title = {Forensics using Internal Database Structures},
      journal = {ERCIM News},
      year = {2017},
      month = {1},
      pdf = {http://ercim-news.ercim.eu/images/stories/EN108/EN108-web.pdf},
      volume = {108},
      }
  • Georg Merzdovnik and Damjan Buhov and Artemios G. Voyiatzis and Edgar R. Weippl, "U’smile – Secure Mobile Environments," ERCIM News, vol. 109, pp. 53-54, 2017. BibTeX | PDF
    @ARTICLE{Merzdovnik2017usmile,
      Author = {Georg Merzdovnik and Damjan Buhov and {Artemios G.} Voyiatzis and {Edgar R.} Weippl},
      title = {u'smile - Secure Mobile Environments},
      journal = {ERCIM News},
      year = {2017},
      month = {4},
      pdf = {https://ercim-news.ercim.eu/images/stories/EN109/EN109-web.pdf},
      volume = {109},
      pages = {53--54},
      }
  • Sebastian Neuner and Artemios G. Voyiatzis and Martin Schmiedecker and Edgar R. Weippl, "Timestamp hiccups: Detecting manipulated filesystem timestamps on NTFS," International Conference on Availability, Reliability and Security (ARES), 2017. BibTeX | PDF
    @ARTICLE{Neuner2017,
      Author = {Sebastian Neuner and {Artemios G.} Voyiatzis and Martin Schmiedecker and {Edgar R.} Weippl},
      title = {Timestamp hiccups: Detecting manipulated filesystem timestamps on NTFS},
      journal = {International Conference on Availability, Reliability and Security (ARES)},
      year = {2017},
      month = {0},
      pdf = {https://www.sba-research.org/wp-content/uploads/publications/hiccups.pdf},
      }
  • Peter Kieseberg and Sebastian Schrittwieser and Bernd Malle and Edgar R. Weippl and Andreas Holzinger, "Das Testen von Algorithmen in sensibler datengetriebener Forschung," Rundbrief des Fachausschusses Management der Anwendungsentwicklung und -wartung (WI-MAW), 2017. BibTeX | PDF
    @ARTICLE{Kieseberg2017Testen,
      Author = {Peter Kieseberg and Sebastian Schrittwieser and Bernd Malle and {Edgar R.} Weippl and Andreas Holzinger},
      title = {Das Testen von Algorithmen in sensibler datengetriebener Forschung},
      journal = {Rundbrief des Fachausschusses Management der Anwendungsentwicklung und -wartung (WI-MAW)},
      year = {2017},
      month = {4},
      pdf = {http://fa-wi-maw.gi.de/fileadmin/gliederungen/fg-maw/Rundbriefe/GI_Rundbrief_41_JG23_Online.pdf},
      }
  • Nathan Burow and Scott A. Carr and Joseph Nash and Per Larsen and Michael Franz and Stefan Brunthaler and Mathias Payer, "Control-Flow Integrity: Precision, Security, and Performance," ACM Computing Surveys (CSUR), vol. 50, 2017. BibTeX | PDF
    @ARTICLE{Burow2017ControlFlow,
      Author = {Nathan Burow and Scott A. Carr and Joseph Nash and Per Larsen and Michael Franz and Stefan Brunthaler and Mathias Payer},
      sbahotlist = {true},
      title = {Control-Flow Integrity: Precision, Security, and Performance},
      journal = {ACM Computing Surveys (CSUR)},
      year = {2017},
      month = {4},
      pdf = {https://www.sba-research.org/wp-content/uploads/publications/CFI_brunthaler.pdf},
      volume = {50},
      }
  • Katharina Krombholz and Thomas Hupperich and Thorsten Holz, "May the Force be with You: The Future of Force-Sensitive Authentication," Journal of Internet Computing, Special Issue of Usable Security and privacy, 2017. BibTeX
    @ARTICLE{Krombholz2017Force,
      Author = {Katharina Krombholz and Thomas Hupperich and Thorsten Holz},
      sbahotlist = {true},
      title = {May the Force be with You: The Future of Force-Sensitive Authentication},
      journal = {Journal of Internet Computing, Special Issue of Usable Security and privacy},
      year = {2017},
      month = {0},
      }
  • Johanna Ullrich and Tanja Szeby and Joachim Fabini and Edgar R. Weippl, "Network-Based Secret Communication in Clouds: A Survey," IEEE Communications Surveys & Tutorials, 2017. BibTeX | PDF
    @ARTICLE{Ullrich2017NetworkBased,
      Author = {Johanna Ullrich and Tanja Szeby and Joachim Fabini and {Edgar R.} Weippl},
      sbahotlist = {true},
      title = {Network-Based Secret Communication in Clouds: A Survey},
      journal = {IEEE Communications Surveys & Tutorials},
      year = {2017},
      month = {0},
      pdf = {https://www.sba-research.org/wp-content/uploads/publications/secretCloud_2017.pdf},
      }
  • Peter Kieseberg and Edgar R. Weippl and Andreas Holzinger, "Trust for the “Doctor in the Loop"," ERCIM News, 2016. BibTeX | PDF
    @ARTICLE{Kieseberg2016Trust,
      Author = {Peter Kieseberg and {Edgar R.} Weippl and Andreas Holzinger},
      title = {Trust for the “Doctor in the Loop"},
      journal = {ERCIM News},
      year = {2016},
      month = {1},
      pdf = {trustfordoctorintheloop.pdf},
      }
  • Aaron Zauner and Hanno Böck and Philipp Jovanovic and Sean Devlin, "Nonce-Disrespecting Adversaries: Practical Forgery Attacks on GCM in TLS," Blackhat USA, 2016. BibTeX
    @ARTICLE{Zauner2016NonceDisrespecting,
      Author = {Aaron Zauner and Hanno Böck and Philipp Jovanovic and Sean Devlin},
      sbahotlist = {true},
      title = {Nonce-Disrespecting Adversaries: Practical Forgery Attacks on GCM in TLS},
      journal = {Blackhat USA},
      year = {2016},
      month = {0},
      }
  • Tomasz Miksa and Andreas Rauber and Eleni Mina, "Identifying Impact of Software Dependencies on Replicability of Biomedical Workflows," Journal of Biomedical Informatics, 2016. BibTeX | PDF
    @ARTICLE{Miksa2016Identifying,
      Author = {Tomasz Miksa and Andreas Rauber and Eleni Mina},
      sbahotlist = {true},
      title = {Identifying Impact of Software Dependencies on Replicability of Biomedical Workflows},
      journal = {Journal of Biomedical Informatics},
      year = {2016},
      month = {11},
      pdf = {http://www.sciencedirect.com/science/article/pii/S1532046416301484},
      }
  • Peter Kieseberg and Bernd Malle and Peter Fruehwirt and Edgar R. Weippl and Andreas Holzinger, "A tamper-proof audit and control system for the doctor in the loop," Brain Informatics, pp. 1-11, 2016. BibTeX | PDF
    @ARTICLE{Kiesebergtamperproof,
      Author = {Peter Kieseberg and Bernd Malle and Peter Fruehwirt and {Edgar R.} Weippl and Andreas Holzinger},
      title = {A tamper-proof audit and control system for the doctor in the loop},
      journal = {Brain Informatics},
      year = {2016},
      month = {3},
      pdf = {http://link.springer.com/article/10.1007/s40708-016-0046-2},
      pages = {1--11},
      }
  • Dimitris Simos, "Split: Security protocol interaction testing in practice," ERCIM News, 2016. BibTeX | PDF
    @ARTICLE{Simos2016Split,
      Author = {Dimitris Simos},
      title = {Split: Security protocol interaction testing in practice},
      journal = {ERCIM News},
      year = {2016},
      month = {0},
      pdf = {https://ercim-news.ercim.eu/en106/special/split-security-protocol-interaction-testing-in-practice},
      }
  • Martin Schmiedecker and Sebastian Neuner, "On Reducing Bottlenecks in Digital Forensics," ERCIM News, 2016. BibTeX | PDF
    @ARTICLE{Schmiedecker2016Reducing,
      Author = {Martin Schmiedecker and Sebastian Neuner},
      title = {On Reducing Bottlenecks in Digital Forensics},
      journal = {ERCIM News},
      year = {2016},
      month = {0},
      pdf = {https://www.sba-research.org/wp-content/uploads/publications/EN106-peekaTorrent.pdf},
      }
  • Stefan Fenz and S. Plieschnegger and Heidelinde Hobel, "Mapping Information Security Standard ISO 27002 to an Ontological Structure," Information and Computer Security, 2016. BibTeX | PDF
    @ARTICLE{Fenz2016Mapping,
      Author = {Stefan Fenz and S. Plieschnegger and Heidelinde Hobel},
      title = {Mapping Information Security Standard ISO 27002 to an Ontological Structure},
      journal = {Information and Computer Security},
      year = {2016},
      month = {0},
      pdf = {http://www.emeraldinsight.com/doi/abs/10.1108/ICS-07-2015-0030?journalCode=ics},
      }
  • Bernd Malle and Peter Kieseberg and Sebastian Schrittwieser and Andreas Holzinger, "Privacy Aware Machine Learning and the “Right to be forgotten," ERCIM News, 2016. BibTeX | PDF
    @ARTICLE{Malle2016Privacy,
      Author = {Bernd Malle and Peter Kieseberg and Sebastian Schrittwieser and Andreas Holzinger},
      title = {Privacy Aware Machine Learning and the “Right to be forgotten},
      journal = {ERCIM News},
      year = {2016},
      month = {10},
      pdf = {ERCIM_article_printed.pdf},
      }
  • Peter Kieseberg and Edgar R. Weippl and Sebastian Schrittwieser, "Detection of Data Leaks in Collaborative Data Driven Research," ERCIM News, 2016. BibTeX | PDF
    @ARTICLE{Kieseberg2016Detection,
      Author = {Peter Kieseberg and {Edgar R.} Weippl and Sebastian Schrittwieser},
      title = {Detection of Data Leaks in Collaborative Data Driven Research},
      journal = {ERCIM News},
      year = {2016},
      month = {4},
      pdf = {Detection_EN105.pdf},
      }
  • Andreas Rauber and Ari Asmi and Dieter van Uytvanck and Stefan Proell, "Identification of Reproducible Subsets for Data Citation, Sharing and Re-Use.," Bulletin of IEEE Technical Committee on Digital Libraries (TCDL), vol. 12, 2016. BibTeX | PDF
    @ARTICLE{Rauber2016Identification,
      Author = {Andreas Rauber and Ari Asmi and Dieter {van Uytvanck} and Stefan Proell},
      title = {Identification of Reproducible Subsets for Data Citation, Sharing and Re-Use.},
      journal = {Bulletin of IEEE Technical Committee on Digital Libraries (TCDL)},
      year = {2016},
      month = {5},
      pdf = {https://www.rd-alliance.org/system/files/documents/RDA-Guidelines_TCDL_draft.pdf},
      volume = {12},
      }
  • Elmar Kiesling and Andreas Ekelhart and Bernhard Grill and Christine Strauss and Christian Stummer, "Selecting security control portfolios: a multi-objective simulation-optimization approach," EURO Journal on Decision Processes, 2016. BibTeX | PDF
    @ARTICLE{Kiesling2016Selecting,
      Author = {Elmar Kiesling and Andreas Ekelhart and Bernhard Grill and Christine Strauss and Christian Stummer},
      title = {Selecting security control portfolios: a multi-objective simulation-optimization approach},
      journal = {EURO Journal on Decision Processes},
      year = {2016},
      month = {6},
      pdf = {http://link.springer.com/article/10.1007/s40070-016-0055-7},
      }
  • Johanna Ullrich and Jordan Cropper and Peter Fruehwirt and Edgar R. Weippl, "The role and security of firewalls in cyber-physical cloud computing," EURASIP Journal on Information Security, 2016. BibTeX | PDF
    @ARTICLE{Ullrich2016role,
      Author = {Johanna Ullrich and Jordan Cropper and Peter Fruehwirt and {Edgar R.} Weippl},
      title = {The role and security of firewalls in cyber-physical cloud computing},
      journal = {EURASIP Journal on Information Security},
      year = {2016},
      month = {8},
      pdf = {http://jis.eurasipjournals.springeropen.com/articles/10.1186/s13635-016-0042-3},
      }
  • Sebastian Schrittwieser and Stefan Katzenbeisser and Johannes Kinder and Georg Merzdovnik and Edgar R. Weippl, "Protecting Software through Obfuscation: Can It Keep Pace with Progress in Code Analysis?," ACM Computing Survey (CSUR), vol. 49, 2016. BibTeX | PDF
    @ARTICLE{Schrittwieser2016Protecting,
      Author = {Sebastian Schrittwieser and Stefan Katzenbeisser and Johannes Kinder and Georg Merzdovnik and {Edgar R.} Weippl},
      sbahotlist = {true},
      title = {Protecting Software through Obfuscation: Can It Keep Pace with Progress in Code Analysis?},
      journal = {ACM Computing Survey (CSUR)},
      year = {2016},
      month = {0},
      pdf = {http://dl.acm.org/citation.cfm?id=2886012},
      volume = {49},
      publisher = {ACM},
      }
  • Sebastian Neuner and Martin Schmiedecker and Edgar R. Weippl, "Effectiveness of File‐based Deduplication in Digital Forensics," Security and Communication Networks, 2016. BibTeX | PDF
    @ARTICLE{Neuner2016Effectiveness,
      Author = {Sebastian Neuner and Martin Schmiedecker and {Edgar R.} Weippl},
      title = {Effectiveness of File‐based Deduplication in Digital Forensics},
      journal = {Security and Communication Networks},
      year = {2016},
      month = {0},
      pdf = {https://www.sba-research.org/wp-content/uploads/publications/Neuner2016Effectiveness_preprint.pdf},
      publisher = {Wiley},
      }
  • Ulrich Pont and Neda Ghiassi and Stefan Fenz and Johannes Heurix and Ardeshir Mahdavi, "SEMERGY: Application of Semantic Web Technologies in Performance-Guided Building Design Optimization," Journal of Information Technology in Construction, vol. 20, pp. 107-120, 2015. BibTeX
    @ARTICLE{Pont2015SEMERGY,
      Author = {Ulrich Pont and Neda Ghiassi and Stefan Fenz and Johannes Heurix and Ardeshir Mahdavi},
      title = {SEMERGY: Application of Semantic Web Technologies in Performance-Guided Building Design Optimization},
      journal = {Journal of Information Technology in Construction},
      year = {2015},
      month = {0},
      volume = {20},
      pages = {107--120},
      }
  • Andreas Rauber and Ari Asmi and Dieter van Uytvanck and Stefan Proell, "Data Citation of Evolving Data," Recommendations of the Working Group on Data Citation (WGDC), 2015. BibTeX | PDF
    @ARTICLE{Rauber2015Data,
      Author = {Andreas Rauber and Ari Asmi and Dieter {van Uytvanck} and Stefan Proell},
      title = {Data Citation of Evolving Data},
      journal = {Recommendations of the Working Group on Data Citation (WGDC)},
      year = {2015},
      month = {5},
      pdf = {https://www.rd-alliance.org/system/files/documents/RDA-DC-Recommendations_150609.pdf},
      }
  • Tomasz Miksa and Andreas Rauber, "Beyond Data: Process Sharing and Reuse," ERCIM News, vol. 10, pp. 70-81, 2015. BibTeX | PDF
    @ARTICLE{Miksa2015Beyond,
      Author = {Tomasz Miksa and Andreas Rauber},
      title = {Beyond Data: Process Sharing and Reuse},
      journal = {ERCIM News},
      year = {2015},
      month = {1},
      pdf = {https://ercim-news.ercim.eu/en100/special/beyond-data-process-sharing-and-reuse},
      volume = {10},
      pages = {70--81},
      publisher = {Inderscience Publishers},
      }
  • Rudolf Mayer and Gonccalo Antunes and Artur Caetano and Marzieh Bakhshandeh and Andreas Rauber and Jose Borbinha, "Using Ontologies to Capture the Semantics of a (Business) Process for Digital Preservation," International Journal of Digital Libraries (IJDL), vol. 15, pp. 129-152, 2015. BibTeX | PDF
    @ARTICLE{Mayer2015Using,
      Author = {Rudolf Mayer and Gonccalo Antunes and Artur Caetano and Marzieh Bakhshandeh and Andreas Rauber and Jose Borbinha},
      title = {Using Ontologies to Capture the Semantics of a (Business) Process for Digital Preservation},
      journal = {International Journal of Digital Libraries (IJDL)},
      year = {2015},
      month = {4},
      pdf = {http://www.ifs.tuwien.ac.at/~Emayer/publications/pdf/may_ijdl15_contextmodel.pdf},
      volume = {15},
      pages = {129--152},
      }
  • Johanna Ullrich and Katharina Krombholz and Heidelinde Hobel and Adrian Dabrowski and Edgar R. Weippl, "IPv6 Security: Attacks and Countermeasures in a Nutshell," Magdeburger Journal zur Sicherheitsforschung, vol. 1, 2015. BibTeX | PDF
    @ARTICLE{Ullrich2015IPv6,
      Author = {Johanna Ullrich and Katharina Krombholz and Heidelinde Hobel and Adrian Dabrowski and {Edgar R.} Weippl},
      title = {IPv6 Security: Attacks and Countermeasures in a Nutshell},
      journal = {Magdeburger Journal zur Sicherheitsforschung},
      year = {2015},
      month = {3},
      pdf = {http://www.sicherheitsforschung-magdeburg.de/uploads/journal/MJS_035_Ullrich_IPv6.pdf},
      volume = {1},
      }
  • M. Koenigsmayr and Thomas Neubauer, "The Role of ICT in a Low Carbon Society," IEEE Technology and Society Magazine, vol. 34, pp. 39-44, 2015. BibTeX
    @ARTICLE{Koenigsmayr2015Role,
      Author = {M. Koenigsmayr and Thomas Neubauer},
      title = {The Role of ICT in a Low Carbon Society},
      journal = {IEEE Technology and Society Magazine},
      year = {2015},
      month = {3},
      volume = {34},
      pages = {39--44},
      }
  • Tomasz Miksa and Rudolf Mayer and Andreas Rauber, "Ensuring sustainability of web services dependent processes," International Journal of Computational Science and Engineering (IJCSE), vol. 10, pp. 70-81, 2015. BibTeX | PDF
    @ARTICLE{_Ensuring_sustainability_of_web_2013,
      Author = {Tomasz Miksa and Rudolf Mayer and Andreas Rauber},
      title = {Ensuring sustainability of web services dependent processes},
      journal = {International Journal of Computational Science and Engineering (IJCSE)},
      year = {2015},
      month = {0},
      pdf = {IJCSE1001_0205 MIKSA.pdf},
      volume = {10},
      pages = {70--81},
      publisher = {Inderscience Publishers},
      }
  • Peter Kieseberg, "A Structured Approach to Defence Simulation Training," ERCIM News, 2015. BibTeX | PDF
    @ARTICLE{Kieseberg2015Structured,
      Author = {Peter Kieseberg},
      title = {A Structured Approach to Defence Simulation Training},
      journal = {ERCIM News},
      year = {2015},
      month = {10},
      pdf = {Scudo.pdf},
      }
  • Joan Starr and Eleni Castro and Merce Crosas and Michel Dumontier and Robert R. Downs and Ruth Duerr and Laurel Haak and Melissa Haendel and Ivan Herman and Simon Hodson and Joe Hourcle and John Ernest Kratz and Jennifer Lin and Lars Holm Nielsen and Amy Nurnberger and Stefan Proell and Andreas Rauber and Simone Sacchi and Arthur P. Smith and Michael Taylor and Tim Clark, "Achieving human and machine accessibility of cited data in scholarly publications," PeerJ PeerJ PrePrints, 2015. BibTeX | PDF
    @ARTICLE{Starr2015Achieving,
      Author = {Joan Starr and Eleni Castro and Merce Crosas and Michel Dumontier and {Robert R.} Downs and Ruth Duerr and Laurel Haak and Melissa Haendel and Ivan Herman and Simon Hodson and Joe Hourcle and {John Ernest} Kratz and Jennifer Lin and {Lars Holm} Nielsen and Amy Nurnberger and Stefan Proell and Andreas Rauber and Simone Sacchi and {Arthur P.} Smith and Michael Taylor and Tim Clark},
      title = {Achieving human and machine accessibility of cited data in scholarly publications},
      journal = {PeerJ PeerJ PrePrints },
      year = {2015},
      month = {5},
      pdf = {https://peerj.com/articles/cs-1/},
      }
  • Johannes Heurix and Peter Zimmermann and Thomas Neubauer and Stefan Fenz, "A taxonomy for privacy enhancing technologies," Computers and Security, 2015. BibTeX | PDF
    @ARTICLE{Heurix2015taxonomy,
      Author = {Johannes Heurix and Peter Zimmermann and Thomas Neubauer and Stefan Fenz},
      title = {A taxonomy for privacy enhancing technologies},
      journal = {Computers and Security},
      year = {2015},
      month = {9},
      pdf = {http://www.sciencedirect.com/science/article/pii/S0167404815000668},
      }
  • Wilfried Mayer and Aaron Zauner and Martin Schmiedecker and Markus Huber, "No Need for Black Chambers: Testing TLS in the E-mail Ecosystem at Large," arXiv preprint, 2015. BibTeX | PDF | Data
    @ARTICLE{Mayer2015Need,
      Author = {Wilfried Mayer and Aaron Zauner and Martin Schmiedecker and Markus Huber},
      sbahotlist = {true},
      title = {No Need for Black Chambers: Testing TLS in the E-mail Ecosystem at Large},
      journal = {arXiv preprint},
      year = {2015},
      month = {10},
      pdf = {http://arxiv.org/abs/1510.08646},
      link_data = {https://scans.io/study/sba-email},
      }
  • Shareeful Islam and Moussa Ouedraogo and Christos Kalloniatis and Haralambos Mouratidis and Stefanos Gritzalis, "Assurance of Security and Privacy Requirements for Cloud Deployment Model.," IEEE Transactions on Cloud Computing (2015), 2015. BibTeX | PDF
    @ARTICLE{Islam2015Assurance,
      Author = {Shareeful Islam and Moussa Ouedraogo and Christos Kalloniatis and Haralambos Mouratidis and Stefanos Gritzalis},
      sbahotlist = {true},
      title = {Assurance of Security and Privacy Requirements for Cloud Deployment Model.},
      journal = {IEEE Transactions on Cloud Computing (2015)},
      year = {2015},
      month = {0},
      pdf = {05_07364243.pdf},
      publisher = {IEEE},
      }
  • Andrei Homescu and Todd Jackson and Stephen Crane and Stefan Brunthaler and Per Larsen and Michael Franz, "Large-scale Automated Software Diversity – Program Evolution Redux," IEEE Transactions on Dependable and Secure Computing, 2015. BibTeX | PDF
    @ARTICLE{Homescu2015Largescale,
      Author = {Andrei Homescu and Todd Jackson and Stephen Crane and Stefan Brunthaler and Per Larsen and Michael Franz},
      title = {Large-scale Automated Software Diversity - Program Evolution Redux},
      journal = {IEEE Transactions on Dependable and Secure Computing},
      year = {2015},
      month = {6},
      pdf = {http://ieeexplore.ieee.org/lpdocs/epic03/wrapper.htm?arnumber=7122891},
      }
  • Johannes Heurix and Stefan Fenz and Antonio Rella and Thomas Neubauer, "Recognition and pseudonymisation of medical records for secondary use," Medical and Biological Engineering and Computing, 2015. BibTeX | PDF
    @ARTICLE{Heurix2015Recognition,
      Author = {Johannes Heurix and Stefan Fenz and Antonio Rella and Thomas Neubauer},
      title = {Recognition and pseudonymisation of medical records for secondary use},
      journal = {Medical and Biological Engineering and Computing},
      year = {2015},
      month = {6},
      pdf = {http://link.springer.com/article/10.1007/s11517-015-1322-7},
      }
  • Andreas Ekelhart and Elmar Kiesling and Bernhard Grill and Christine Strauss and Christian Stummer, "Integrating attacker behavior in IT security analysis: a discrete-event simulation approach," Information Technology and Management, 2015. BibTeX | PDF
    @ARTICLE{Ekelhart2015Integrating,
      Author = {Andreas Ekelhart and Elmar Kiesling and Bernhard Grill and Christine Strauss and Christian Stummer},
      title = {Integrating attacker behavior in IT security analysis: a discrete-event simulation approach},
      journal = {Information Technology and Management},
      year = {2015},
      month = {6},
      pdf = {http://link.springer.com/article/10.1007/s10799-015-0232-6},
      }
  • Robin Mueller and Sebastian Schrittwieser and Peter Fruehwirt and Peter Kieseberg and Edgar R. Weippl, "Security and privacy of smartphone messaging applications," International Journal of Pervasive Computing and Communications, vol. 11, 2015. BibTeX | PDF
    @ARTICLE{Mueller2015Security,
      Author = {Robin Mueller and Sebastian Schrittwieser and Peter Fruehwirt and Peter Kieseberg and {Edgar R.} Weippl},
      title = {Security and privacy of smartphone messaging applications},
      journal = {International Journal of Pervasive Computing and Communications},
      year = {2015},
      month = {6},
      pdf = {Draft.pdf},
      volume = {11},
      }
  • Johanna Ullrich and Edgar R. Weippl, "CyPhySec: Defending Cyber-Physical Systems ," ERCIM News 102, 2015. BibTeX | PDF
    @ARTICLE{Ullrich2015CyPhySec,
      Author = {Johanna Ullrich and {Edgar R.} Weippl},
      title = {CyPhySec: Defending Cyber-Physical Systems },
      journal = {ERCIM News 102},
      year = {2015},
      month = {7},
      pdf = {https://ercim-news.ercim.eu/en102/special/cyphysec-defending-cyber-physical-systems},
      }
  • Tomasz Miksa and Rudolf Mayer and Andreas Rauber, "Raising resilience of web service dependent repository systems," International Journal of Web Information Systems, 2015. BibTeX | PDF
    @ARTICLE{Miksa2015Raising,
      Author = {Tomasz Miksa and Rudolf Mayer and Andreas Rauber},
      title = {Raising resilience of web service dependent repository systems},
      journal = {International Journal of Web Information Systems},
      year = {2015},
      month = {7},
      pdf = {http://www.ifs.tuwien.ac.at/~mayer/publications/pdf/mik_15IJWIS.pdf},
      }
  • Peter Kieseberg and Olga E. Segou and Fabio Roli, "CyberROAD: Developing a Roadmap for Research in Cybercrime and Cyberterrorism," ERCIM News, 2015. BibTeX | PDF
    @ARTICLE{Kieseberg2015CyberROAD,
      Author = {Peter Kieseberg and {Olga E.} Segou and Fabio Roli},
      title = {CyberROAD: Developing a Roadmap for Research in Cybercrime and Cyberterrorism},
      journal = {ERCIM News},
      year = {2015},
      month = {7},
      pdf = {CyberRoad-Excerpt.pdf},
      }
  • Stefan Proell and Andreas Rauber, "Asking the Right Questions – Query-Based Data Citation to Precisely Identify Subsets of Data," ERCIM News, 2015. BibTeX | PDF
    @ARTICLE{Proell2015Asking,
      Author = {Stefan Proell and Andreas Rauber},
      title = {Asking the Right Questions - Query-Based Data Citation to Precisely Identify Subsets of Data},
      journal = {ERCIM News},
      year = {2015},
      month = {1},
      pdf = {http://ercim-news.ercim.eu/images/stories/EN100/EN100-web.pdf},
      }
  • Gonccalo Antunes and Marzieh Bakhshandeh and Rudolf Mayer and Jose Borbinha and Artur Caetano, "Using Ontologies for Enterprise Architecture Integration and Analysis," Complex Systems Informatics and Modeling Quarterly, 2014. BibTeX | PDF
    @ARTICLE{Antunes2014Using,
      Author = {Gonccalo Antunes and Marzieh Bakhshandeh and Rudolf Mayer and Jose Borbinha and Artur Caetano},
      sbahotlist = {true},
      title = {Using Ontologies for Enterprise Architecture Integration and Analysis},
      journal = {Complex Systems Informatics and Modeling Quarterly},
      year = {2014},
      month = {4},
      pdf = {ant_csimq14.pdf},
      }
  • Niina Maarit Novak and A. Mladenow and Christine Strauss, "Virtual Worlds as Settings for Avatar-Based Innovation Processes," Journal of Service Science Research, 2014. BibTeX | PDF
    @ARTICLE{Novak2014Virtual,
      Author = {Niina Maarit Novak and A. Mladenow and Christine Strauss},
      title = {Virtual Worlds as Settings for Avatar-Based Innovation Processes},
      journal = {Journal of Service Science Research},
      year = {2014},
      month = {6},
      pdf = {Virtual Worlds-PrintVERSION.pdf},
      }
  • Sigrid Schefer Wenzl and Mark Strembeck, "Model-driven Specification and Enforcement of RBAC Break-Glass Policies for Process-Aware Information Systems," Information and Software Technology (IST), vol. 56, 2014. BibTeX | PDF
    @ARTICLE{Wenzl2014Modeldriven,
      Author = {Sigrid Schefer Wenzl and Mark Strembeck},
      title = {Model-driven Specification and Enforcement of RBAC Break-Glass Policies for Process-Aware Information Systems},
      journal = {Information and Software Technology (IST)},
      year = {2014},
      month = {10},
      pdf = {Model driven specification and enforcement of RBAC break-glass policies ist-v56n10-oct-2014.pdf},
      volume = {56},
      }
  • Sigrid Schefer Wenzl and Mark Strembeck, "Modeling Support for Role-Based Delegation in Process-Aware Information Systems," Business & Information Systems Engineering (BISE), vol. 6, 2014. BibTeX | PDF
    @ARTICLE{Wenzl2014Modeling,
      Author = {Sigrid Schefer Wenzl and Mark Strembeck},
      title = {Modeling Support for Role-Based Delegation in Process-Aware Information Systems},
      journal = {Business & Information Systems Engineering (BISE)},
      year = {2014},
      month = {8},
      pdf = {http://link.springer.com/article/10.1007/s12599-014-0343-3},
      volume = {6},
      }
  • Stefan Proell, "Dynamic Data Citation," Bulletin of IEEE Technical Committee on Digital Libraries, 2014. BibTeX | PDF
    @ARTICLE{Proell2014Dynamic,
      Author = {Stefan Proell},
      title = {Dynamic Data Citation},
      journal = {Bulletin of IEEE Technical Committee on Digital Libraries},
      year = {2014},
      month = {11},
      pdf = {http://www.ieee-tcdl.org/Bulletin/v10n1/papers/proll.pdf},
      }
  • Christoph Hochreiner and Peter Fruehwirt and Zhendong Ma and Peter Kieseberg and Sebastian Schrittwieser and Edgar R. Weippl, "Genie in a Model? Why Model Driven Security will not secure your Web Application," Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications (JoWUA), vol. 5, pp. 44-62, 2014. BibTeX | PDF
    @ARTICLE{Hochreiner2014Genie,
      Author = {Christoph Hochreiner and Peter Fruehwirt and Zhendong Ma and Peter Kieseberg and Sebastian Schrittwieser and {Edgar R.} Weippl},
      title = {Genie in a Model? Why Model Driven Security will not secure your Web Application},
      journal = {Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications (JoWUA)},
      year = {2014},
      month = {9},
      pdf = {jowua-v5n3-4.pdf},
      volume = {5},
      pages = {44-62},
      }
  • Shareeful Islam and Haralambos Mouratidis and Edgar R. Weippl, "An Empirical Study on the Implementation and Evaluation of a Goal-driven Software Development Risk Management Model," Information and Software Technology (Elsevier), 2014. BibTeX | PDF
    @ARTICLE{Islam2014Empirical,
      Author = {Shareeful Islam and Haralambos Mouratidis and {Edgar R.} Weippl},
      sbahotlist = {true},
      title = {An Empirical Study on the Implementation and Evaluation of a Goal-driven Software Development Risk Management Model},
      journal = {Information and Software Technology (Elsevier)},
      year = {2014},
      month = {2},
      pdf = {10_Paper 1.pdf},
      }
  • Gülfem Savrun-Yeniçeri and Wei Zhang and Huahan Zhang and Eric Seckler and Chen Li and Stefan Brunthaler and Per Larsen and Michael Franz, "Efficient hosted interpreters on the JVM," ACM Transactions on Architecture and Code Optimization, vol. 11/1, 2014. BibTeX | PDF
    @ARTICLE{SavrunYeniceri2014Efficient,
      Author = {Gülfem Savrun-Yeniçeri and Wei Zhang and Huahan Zhang and Eric Seckler and Chen Li and Stefan Brunthaler and Per Larsen and Michael Franz},
      title = {Efficient hosted interpreters on the JVM},
      journal = {ACM Transactions on Architecture and Code Optimization},
      year = {2014},
      month = {2},
      pdf = {taco14.pdf},
      volume = {11/1},
      }
  • Adrian Dabrowski and Peter Fejes and Johanna Ullrich and Katharina Krombholz and Heidelinde Hobel and Edgar R. Weippl, "Poster NDSS 2014: Hardware Trojans–Detect and React?," Network and Distributed System Security (NDSS) Symposium 2014, 2014. BibTeX
    @ARTICLE{Dabrowski2014Poster,
      Author = {Adrian Dabrowski and Peter Fejes and Johanna Ullrich and Katharina Krombholz and Heidelinde Hobel and {Edgar R.} Weippl},
      title = {Poster NDSS 2014: Hardware Trojans--Detect and React?},
      journal = {Network and Distributed System Security (NDSS) Symposium 2014},
      year = {2014},
      month = {2},
      }
  • Per Larsen and Stefan Brunthaler and Michael Franz, "Security through Diversity: Are We There Yet?," IEEE Security and Privacy, vol. 12/2, 2014. BibTeX | PDF
    @ARTICLE{Larsen2014Security,
      Author = {Per Larsen and Stefan Brunthaler and Michael Franz},
      title = {Security through Diversity: Are We There Yet?},
      journal = {IEEE Security and Privacy},
      year = {2014},
      month = {3},
      pdf = {http://ieeexplore.ieee.org/xpl/articleDetails.jsp?arnumber=6617633},
      volume = {12/2},
      }
  • Leyla Bilge and Sevil Sen and Davide Balzarotti and Engin Kirda and Christopher Kruegel, "EXPOSURE: A Passive DNS Analysis Service to Detect and Report Malicious Domains," ACM Transactions on Information and System Security, 2014. BibTeX | PDF
    @ARTICLE{Bilge2014EXPOSURE,
      Author = {Leyla Bilge and Sevil Sen and Davide Balzarotti and Engin Kirda and Christopher Kruegel},
      title = {EXPOSURE: A Passive DNS Analysis Service to Detect and Report Malicious Domains},
      journal = {ACM Transactions on Information and System Security},
      year = {2014},
      month = {4},
      pdf = {http://seclab.ccs.neu.edu/static/publications/tissec14_exposure.pdf},
      }
  • Maria Leitner and Stefanie Rinderle-Ma, "A systematic review on security in Process-Aware Information Systems: Constitution, challenges, and future directions," Information and Software Technology, 2014. BibTeX
    @ARTICLE{Leitner2014systematic,
      Author = {Maria Leitner and Stefanie Rinderle-Ma},
      title = {A systematic review on security in Process-Aware Information Systems: Constitution, challenges, and future directions},
      journal = {Information and Software Technology},
      year = {2014},
      month = {3},
      }
  • Tomasz Miksa, "Sustainable eScience processes and systems," Bulletin of IEEE Technical Committee on Digital Libraries, 2014. BibTeX | PDF
    @ARTICLE{Miksa2014Sustainable,
      Author = {Tomasz Miksa},
      title = {Sustainable eScience processes and systems},
      journal = {Bulletin of IEEE Technical Committee on Digital Libraries},
      year = {2014},
      month = {11},
      pdf = {http://www.ieee-tcdl.org/Bulletin/v10n1/papers/miksa.pdf},
      }
  • Dawid Wolosiuk and Neda Ghiassi and Ulrich Pont and Ferial Shayeganfar and Ardeshir Mahdavi and Stefan Fenz and Johannes Heurix and Amin Anjomshoaa and A Min Tjoa, "SEMERGY: Performance-Guided Building Design and Refurbishment within a Semantically Augmented Optimization Environment," Advanced Materials Research, vol. 899, pp. 589-595, 2014. BibTeX
    @ARTICLE{Wolosiuk2014SEMERGY,
      Author = {Dawid Wolosiuk and Neda Ghiassi and Ulrich Pont and Ferial Shayeganfar and Ardeshir Mahdavi and Stefan Fenz and Johannes Heurix and Amin Anjomshoaa and {A Min} Tjoa},
      sbahotlist = {true},
      title = {SEMERGY: Performance-Guided Building Design and Refurbishment within a Semantically Augmented Optimization Environment},
      journal = {Advanced Materials Research},
      year = {2014},
      month = {0},
      volume = {899},
      pages = {589--595},
      }
  • Stefan Fenz and Johannes Heurix and Thomas Neubauer and A Min Tjoa and Neda Ghiassi and Ulrich Pont and Ardeshir Mahdavi, "SEMERGY.net: automatically identifying and optimizing energy-efficient building designs," Computer Science – Research and Development, 2014. BibTeX
    @ARTICLE{Fenz2014SEMERGYnet,
      Author = {Stefan Fenz and Johannes Heurix and Thomas Neubauer and {A Min} Tjoa and Neda Ghiassi and Ulrich Pont and Ardeshir Mahdavi},
      title = {SEMERGY.net: automatically identifying and optimizing energy-efficient building designs},
      journal = {Computer Science - Research and Development},
      year = {2014},
      month = {11},
      }
  • Stefan Fenz and Johannes Heurix and Thomas Neubauer and Fabian Pechstein, "Current challenges in information security risk management," Information Management and Computer Security, vol. 22, pp. 410-430, 2014. BibTeX
    @ARTICLE{Fenz2014Current,
      Author = {Stefan Fenz and Johannes Heurix and Thomas Neubauer and Fabian Pechstein},
      title = {Current challenges in information security risk management},
      journal = {Information Management and Computer Security},
      year = {2014},
      month = {0},
      volume = {22},
      pages = {410--430},
      }
  • Sigrid Schefer Wenzl and Mark Strembeck, "Modellierungsunterstützung für die rollenbasierte Delegation in prozessgestützten Informationssystemen," Wirtschaftsinformatik, vol. 56, 2014. BibTeX | PDF
    @ARTICLE{Wenzl2014Modellierungsuntersttzung,
      Author = {Sigrid Schefer Wenzl and Mark Strembeck},
      title = {Modellierungsunterstützung für die rollenbasierte Delegation in prozessgestützten Informationssystemen},
      journal = {Wirtschaftsinformatik},
      year = {2014},
      month = {8},
      pdf = {http://link.springer.com/article/10.1007/s11576-014-0433-3},
      volume = {56},
      }
  • Peter Kieseberg and Sebastian Schrittwieser and Martin Schmiedecker and Isao Echizen and Edgar R. Weippl, "An algorithm for collusion-resistant anonymization and fingerprinting of sensitive microdata," Electronic Markets – The International Journal on Networked Business, 2014. BibTeX | PDF
    @ARTICLE{Kieseberg2014algorithm,
      Author = {Peter Kieseberg and Sebastian Schrittwieser and Martin Schmiedecker and Isao Echizen and {Edgar R.} Weippl},
      sbahotlist = {true},
      title = {An algorithm for collusion-resistant anonymization and fingerprinting of sensitive microdata},
      journal = {Electronic Markets - The International Journal on Networked Business},
      year = {2014},
      month = {0},
      pdf = {http://link.springer.com/article/10.1007/s12525-014-0154-x},
      }
  • Sebastian Schrittwieser and Stefan Katzenbeisser and Peter Kieseberg and Markus Huber and Manuel Leithner and Martin Schmiedecker and Edgar R. Weippl, "Covert Computation – Hiding Code in Code Through Compile-Time Obfuscation," Computers & Security, 2014. BibTeX | PDF
    @ARTICLE{Schrittwieser2014Covert,
      Author = {Sebastian Schrittwieser and Stefan Katzenbeisser and Peter Kieseberg and Markus Huber and Manuel Leithner and Martin Schmiedecker and {Edgar R.} Weippl},
      sbahotlist = {true},
      title = {Covert Computation - Hiding Code in Code Through Compile-Time Obfuscation},
      journal = {Computers & Security},
      year = {2014},
      month = {5},
      pdf = {http://www.sciencedirect.com/science/article/pii/S0167404814000030},
      publisher = {Elsevier Advanced Technology},
      }
  • Christina Parpoula and Christos Koukouvinos and Dimitris Simos and Stella Stylianou, "Supersaturated plans for variable selection in large databases," Statistics, Optimization and Information Computing, 2014. BibTeX | PDF
    @ARTICLE{Parpoul2014Supersaturated,
      Author = {Christina Parpoula and Christos Koukouvinos and Dimitris Simos and Stella Stylianou},
      title = {Supersaturated plans for variable selection in large databases},
      journal = {Statistics, Optimization and Information Computing},
      year = {2014},
      month = {0},
      pdf = {SupersaturatedPlans.SOIC.2014.pdf},
      }
  • Tomasz Miksa and Stephan Strodl and Andreas Rauber, "Process Management Plans," International Journal of Digital Curation, vol. 9, pp. 83-97, 2014. BibTeX | PDF
    @ARTICLE{Miksa2014Process,
      Author = {Tomasz Miksa and Stephan Strodl and Andreas Rauber},
      sbahotlist = {true},
      title = {Process Management Plans},
      journal = {International Journal of Digital Curation},
      year = {2014},
      month = {8},
      pdf = {process management plans_paper.pdf},
      volume = {9},
      pages = {83-97},
      }
  • Katharina Krombholz and Heidelinde Hobel and Markus Huber and Edgar R. Weippl, "Advanced social engineering attacks," Journal of Information Security and Applications, 2014. BibTeX | PDF
    @ARTICLE{Krombholz2014Advanced,
      Author = {Katharina Krombholz and Heidelinde Hobel and Markus Huber and {Edgar R.} Weippl},
      title = {Advanced social engineering attacks},
      journal = {Journal of Information Security and Applications},
      year = {2014},
      month = {0},
      pdf = {jisa_revised.pdf},
      }
  • Peter Fruehwirt and Peter Kieseberg and Katharina Krombholz and Edgar R. Weippl, "Towards a forensic-aware database solution: Using a secured database replication protocol and transaction management for digital investigations," Digital Investigation, vol. 11, pp. 336-348, 2014. BibTeX | PDF
    @ARTICLE{Fruehwirt2014Towards,
      Author = {Peter Fruehwirt and Peter Kieseberg and Katharina Krombholz and {Edgar R.} Weippl},
      title = {Towards a forensic-aware database solution: Using a secured database replication protocol and transaction management for digital investigations},
      journal = {Digital Investigation},
      year = {2014},
      month = {0},
      pdf = {towards a forensic aware_paper.pdf},
      volume = {11},
      pages = {336-348},
      }
  • Stefan Fenz and Johannes Heurix and Thomas Neubauer and Antonio Rella, "De-identification of unstructured paper-based health records for privacy-preserving secondary use," Journal of Medical Engineering and Technology, vol. 38, pp. 260-268, 2014. BibTeX
    @ARTICLE{Fenz2014Deidentification,
      Author = {Stefan Fenz and Johannes Heurix and Thomas Neubauer and Antonio Rella},
      title = {De-identification of unstructured paper-based health records for privacy-preserving secondary use},
      journal = {Journal of Medical Engineering and Technology},
      year = {2014},
      month = {0},
      volume = {38},
      pages = {260--268},
      }
  • Daniel Feledi and Stefan Fenz and Lukas Lechner, "Towards web-based information security knowledge sharing," Information Security Technical Report, vol. 17, iss. 4, pp. 199-209, 2013. BibTeX
    @ARTICLE{Feledi_Towards_web_based_information__2013,
      Author = {Daniel Feledi and Stefan Fenz and Lukas Lechner},
      title = {Towards web-based information security knowledge sharing},
      journal = {Information Security Technical Report},
      year = {2013},
      month = {5},
      volume = {17},
      number = {4},
      pages = {199-209},
      }
  • Christian Krieg and Adrian Dabrowski and Heidelinde Hobel and Katharina Krombholz and Edgar R. Weippl, "Hardware Malware," Synthesis Lectures on Information Security, Privacy, and Trust, vol. 4, pp. 1-115, 2013. BibTeX
    @ARTICLE{Krieg2013Hardware,
      Author = {Christian Krieg and Adrian Dabrowski and Heidelinde Hobel and Katharina Krombholz and {Edgar R.} Weippl},
      title = {Hardware Malware},
      journal = {Synthesis Lectures on Information Security, Privacy, and Trust},
      year = {2013},
      month = {11},
      volume = {4},
      pages = {1-115},
      }
  • Johannes Heurix and Antonio Rella and Stefan Fenz and Thomas Neubauer, "A Rule Based Transformation System for Converting Semi Structured Medical Documents," Health and Technology, vol. 3, iss. 1, 2013. BibTeX
    @ARTICLE{Heurix_A_Rule_Based_Transformation_Sy_2013,
      Author = {Johannes Heurix and Antonio Rella and Stefan Fenz and Thomas Neubauer},
      title = {A Rule Based Transformation System for Converting Semi Structured Medical Documents},
      journal = {Health and Technology},
      year = {2013},
      month = {1},
      volume = {3},
      number = {1},
      }
  • Johannes Heurix and Antonio Rella and Stefan Fenz and Thomas Neubauer, "A rule-based transformation system for converting semi-structured medical documents," Health and Technology, pp. 1-13, 2013. BibTeX
    @ARTICLE{_A_rule_based_transformation_sy_2013,
      Author = {Johannes Heurix and Antonio Rella and Stefan Fenz and Thomas Neubauer},
      title = {A rule-based transformation system for converting semi-structured medical documents},
      journal = {Health and Technology},
      year = {2013},
      month = {3},
      pages = {1-13},
      publisher = {Springer},
      }
  • Christos Koukouvinos and C. Parpoul and Dimitris Simos, "Mixed-level Response Surface Designs via a Hybrid Genetic Algorithm," to appear in J. Stat. Appl. Prob., 2013. BibTeX
    @ARTICLE{Koukouvinos_Mixed_level_Response_Surface_D_2013,
      Author = {Christos Koukouvinos and C. Parpoul and Dimitris Simos},
      title = {Mixed-level Response Surface Designs via a Hybrid Genetic Algorithm},
      journal = {to appear in J. Stat. Appl. Prob.},
      year = {2013},
      month = {0},
      }
  • Patrick Gaubatz and Waldemar Hummer and Uwe Zdun and Mark Strembeck, "Supporting Customized Views for Enforcing Access Control Constraints in Real Time Collaborative Web Applications," ICWE, pp. 201-215, 2013. BibTeX
    @ARTICLE{Gaubatz_Supporting_Customized_Views_fo_2013,
      Author = {Patrick Gaubatz and Waldemar Hummer and Uwe Zdun and Mark Strembeck},
      title = {Supporting Customized Views for Enforcing Access Control Constraints in Real Time Collaborative Web Applications },
      journal = {ICWE},
      year = {2013},
      month = {0},
      pages = {201-215},
      }
  • Waldemar Hummer and Patrick Gaubatz and Mark Strembeck and Uwe Zdun and Schahram Dustdar, "Enforcement of Entailment Constraints in Distributed Service-Based Business Processes," Information and Software Technology (IST), 2013. BibTeX
    @ARTICLE{Hummer_Enforcement_of_Entailment_Cons_2013,
      Author = {Waldemar Hummer and Patrick Gaubatz and Mark Strembeck and Uwe Zdun and Schahram Dustdar},
      title = {Enforcement of Entailment Constraints in Distributed Service-Based Business Processes},
      journal = {Information and Software Technology (IST)},
      year = {2013},
      month = {11},
      }
  • Kathrin Figl and Jan Mendling and Mark Strembeck, "The Influence of Notational Deficiencies on Process Model Comprehension," Journal of the Association for Information Systems (JAIS), 2013. BibTeX
    @ARTICLE{Figl2013Influence,
      Author = {Kathrin Figl and Jan Mendling and Mark Strembeck},
      title = {The Influence of Notational Deficiencies on Process Model Comprehension},
      journal = {Journal of the Association for Information Systems (JAIS)},
      year = {2013},
      month = {6},
      }
  • Peter Fruehwirt and Peter Kieseberg and Sebastian Schrittwieser and Markus Huber and Edgar R. Weippl, "InnoDB Database Forensics: Enhanced Reconstruction of Data Manipulation Queries from Redo Logs," Information Security Technical Report (ISTR), Special Issue: ARES, 2013. BibTeX | PDF
    @ARTICLE{_InnoDB_Database_Forensics_Enha_2013,
      Author = {Peter Fruehwirt and Peter Kieseberg and Sebastian Schrittwieser and Markus Huber and {Edgar R.} Weippl},
      title = {InnoDB Database Forensics: Enhanced Reconstruction of Data Manipulation Queries from Redo Logs},
      journal = {Information Security Technical Report (ISTR), Special Issue: ARES},
      year = {2013},
      month = {4},
      pdf = {ARES2012_Journal.pdf},
      }
  • Stefan Sobernig and Mark Strembeck and Sigrid Schefer Wenzl, "Evaluating a UML based Modeling Framework for Process-related Security Properties: A Qualitative Multi Method Study," Proceedings of the 21st European Conference on Information Systems (ECIS), 2013. BibTeX
    @ARTICLE{Schefer-Wenzl_Evaluating_a_UML_based_Modelin_2013,
      Author = {Stefan Sobernig and Mark Strembeck and Sigrid Schefer Wenzl},
      title = {Evaluating a UML based Modeling Framework for Process-related Security Properties: A Qualitative Multi Method Study},
      journal = {Proceedings of the 21st European Conference on Information Systems (ECIS)},
      year = {2013},
      month = {0},
      }
  • Sigrid Schefer Wenzl and Mark Strembeck, "Modeling Context-Aware RBAC Models for Mobile Business Processes," International Journal of Wireless and Mobile Computing (IJWMC), 2013. BibTeX
    @ARTICLE{Wenzl2013Modeling,
      Author = {Sigrid Schefer Wenzl and Mark Strembeck},
      title = {Modeling Context-Aware RBAC Models for Mobile Business Processes},
      journal = {International Journal of Wireless and Mobile Computing (IJWMC)},
      year = {2013},
      month = {0},
      }
  • Gregor Wagner and Per Larsen and Stefan Brunthaler and Michael Franz, "Thinking Inside the Box: Compartmentalized Garbage Collection," ACM Transactions on Programming Languages and Systems (TOPLAS), 2013. BibTeX
    @ARTICLE{WagnerThinking,
      Author = {Gregor Wagner and Per Larsen and Stefan Brunthaler and Michael Franz},
      title = {Thinking Inside the Box: Compartmentalized Garbage Collection},
      journal = {ACM Transactions on Programming Languages and Systems (TOPLAS)},
      year = {2013},
      month = {0},
      }
  • Christoph Kerschbaumer and Eric Hennigan and Per Larsen and Stefan Brunthaler and Michael Franz, "Information flow tracking meets just-in-time compilation," ACM Transactions on Architecture and Code Optimization, vol. 10/4, 2013. BibTeX | PDF
    @ARTICLE{Kerschbaumer2013Information,
      Author = {Christoph Kerschbaumer and Eric Hennigan and Per Larsen and Stefan Brunthaler and Michael Franz},
      title = {Information flow tracking meets just-in-time compilation},
      journal = {ACM Transactions on Architecture and Code Optimization},
      year = {2013},
      month = {12},
      pdf = {taco13.pdf},
      volume = {10/4},
      }
  • Shareeful Islam and Haralambos Mouratidis and Edgar R. Weippl, "An Empirical Study on the Implementation and Evaluation of a Goal driven Software Development Risk Management Model," Proceedings of the Winter Simulation Conference 2013, 2013. BibTeX | PDF
    @ARTICLE{Islam_An_Empirical_Study_on_the_Impl_2013,
      Author = {Shareeful Islam and Haralambos Mouratidis and {Edgar R.} Weippl},
      title = {An Empirical Study on the Implementation and Evaluation of a Goal driven Software Development Risk Management Model},
      journal = {Proceedings of the Winter Simulation Conference 2013},
      year = {2013},
      month = {0},
      pdf = {empiricalstudy 1.pdf},
      }
  • Mark Strembeck and Stefanie Rinderle-Ma, "Security and Privacy in Business Processes: A Posteriori Analysis Techniques," Information Technology, 2013. BibTeX
    @ARTICLE{Strembeck2013Security,
      Author = {Mark Strembeck and Stefanie Rinderle-Ma},
      title = {Security and Privacy in Business Processes: A Posteriori Analysis Techniques},
      journal = {Information Technology},
      year = {2013},
      month = {12},
      }
  • Bernhard Hoisl and Stefan Sobernig and Mark Strembeck, "Modeling and Enforcing Secure Object Flows in Process-driven SOAs: An Integrated Model-driven Approach," Software and Systems Modeling (SoSyM), 2013. BibTeX | PDF
    @ARTICLE{Hoisl2013Modeling,
      Author = {Bernhard Hoisl and Stefan Sobernig and Mark Strembeck},
      title = {Modeling and Enforcing Secure Object Flows in Process-driven SOAs: An Integrated Model-driven Approach},
      journal = {Software and Systems Modeling (SoSyM)},
      year = {2013},
      month = {0},
      pdf = {Hoisl Modeling and Enforcing paper.pdf},
      }
  • Ardeshir Mahdavi and Ulrich Pont and Ferial Shayeganfar and Neda Ghiassi and Amin Anjomshoaa and Stefan Fenz and Johannes Heurix and Thomas Neubauer and A Min Tjoa, "SEMERGY: Semantic web technology support for comprehensive building design assessment," eWork and eBusiness in Architecture, Engineering and Construction, pp. 363-370, 2012. BibTeX
    @ARTICLE{Mahdavi2012SEMERGY,
      Author = {Ardeshir Mahdavi and Ulrich Pont and Ferial Shayeganfar and Neda Ghiassi and Amin Anjomshoaa and Stefan Fenz and Johannes Heurix and Thomas Neubauer and {A Min} Tjoa},
      title = {SEMERGY: Semantic web technology support for comprehensive building design assessment},
      journal = {eWork and eBusiness in Architecture, Engineering and Construction},
      year = {2012},
      month = {7},
      pages = {363--370},
      }
  • Raydel Montesino and Stefan Fenz and Walter Baluja, "SIEM-based framework for security controls automation," Information Management & Computer Security, 2012. BibTeX
    @ARTICLE{_SIEM_based_framework_for_secur_2012,
      Author = {Raydel Montesino and Stefan Fenz and Walter Baluja},
      title = {SIEM-based framework for security controls automation},
      journal = {Information Management & Computer Security},
      year = {2012},
      month = {3},
      }
  • Mark Guttenbrunner and Andreas Rauber, "A Measurement Framework for Evaluating Emulators for Digital Preservation," ACM Transactions on Information Systems (TOIS), vol. 30, iss. 2, 2012. BibTeX
    @ARTICLE{Guttenbrunner_A_Measurement_Framework_for_Ev_2012,
      Author = {Mark Guttenbrunner and Andreas Rauber},
      title = {A Measurement Framework for Evaluating Emulators for Digital Preservation},
      journal = {ACM Transactions on Information Systems (TOIS)},
      year = {2012},
      month = {3},
      volume = {30},
      number = {2},
      }
  • Johannes Heurix and Michael Karlinger and Thomas Neubauer, "PERiMETER pseudonymization and personal metadata encryption for privacy preserving searchable documents," Health Systems, vol. 1, iss. 1, pp. 46-57, 2012. BibTeX
    @ARTICLE{_PERiMETER_pseudonymization_and_2012,
      Author = {Johannes Heurix and Michael Karlinger and Thomas Neubauer},
      title = {PERiMETER pseudonymization and personal metadata encryption for privacy preserving searchable documents},
      journal = {Health Systems},
      year = {2012},
      month = {6},
      volume = {1},
      number = {1},
      pages = {46-57},
      }
  • Manuel Egele and Theodoor Scholte and Engin Kirda and Christopher Kruegel, "A Survey on Automated Dynamic Malware Analysis Techniques and Tools," ACM Computing Surveys Journal, vol. 44, iss. 2, 2012. BibTeX | PDF
    @ARTICLE{_A_Survey_on_Automated_Dynamic__2012,
      Author = {Manuel Egele and Theodoor Scholte and Engin Kirda and Christopher Kruegel},
      title = {A Survey on Automated Dynamic Malware Analysis Techniques and Tools},
      journal = {ACM Computing Surveys Journal},
      year = {2012},
      month = {2},
      pdf = {malware_survey.pdf},
      volume = {44},
      number = {2},
      }
  • Dimitrios Settas and Antonio Cerone and Stefan Fenz, "Enhancing Ontology-based Antipattern Detection using Bayesian Networks," Expert Systems with Applications, vol. 39, iss. 10, pp. 9041-9053, 2012. BibTeX
    @ARTICLE{_Enhancing_Ontology_based_Antip_2012,
      Author = {Dimitrios Settas and Antonio Cerone and Stefan Fenz},
      title = {Enhancing Ontology-based Antipattern Detection using Bayesian Networks},
      journal = {Expert Systems with Applications},
      year = {2012},
      month = {8},
      volume = {39},
      number = {10},
      pages = {9041-9053},
      }
  • Shareeful Islam and Haralambos Mouratidis and Christos Kalloniatis and Aleksandar Hudic and Lorenz Zechner, "Model Based Process to Support Security and Privacy Requirements Engineering," International Journal of Secure Software Engineering (IJSSE), vol. 3, iss. 3, pp. 1-22, 2012. BibTeX
    @ARTICLE{_Model_Based_Process_to_Support_2012,
      Author = {Shareeful Islam and Haralambos Mouratidis and Christos Kalloniatis and Aleksandar Hudic and Lorenz Zechner},
      title = {Model Based Process to Support Security and Privacy Requirements Engineering},
      journal = {International Journal of Secure Software Engineering (IJSSE)},
      year = {2012},
      month = {7},
      volume = {3},
      number = {3},
      pages = {1-22},
      publisher = {Information Resources Management Association},
      }
  • Markus Huber, "Social Snapshot framework:Crime Investigation on Online Social Networks," ERCIM News, vol. 90, p. 28, 2012. BibTeX
    @ARTICLE{_Social_Snapshot_framework_Crim_2012,
      Author = {Markus Huber},
      title = {Social Snapshot framework:Crime Investigation on Online Social Networks },
      journal = {ERCIM News},
      year = {2012},
      month = {7},
      volume = {90},
      pages = {28},
      }
  • Ardeshir Mahdavi and Ulrich Pont and Ferial Shayeganfar and Neda Ghiassi and Amin Anjomshoaa and Stefan Fenz and Johannes Heurix and Thomas Neubauer and A Min Tjoa, "An ontological model for construction concepts," eWork and eBusiness in Architecture, Engineering and Construction: Ecppm 2012, 2012. BibTeX
    @ARTICLE{Mahdavi2012ontological,
      Author = {Ardeshir Mahdavi and Ulrich Pont and Ferial Shayeganfar and Neda Ghiassi and Amin Anjomshoaa and Stefan Fenz and Johannes Heurix and Thomas Neubauer and {A Min} Tjoa},
      title = {An ontological model for construction concepts},
      journal = {eWork and eBusiness in Architecture, Engineering and Construction: Ecppm 2012},
      year = {2012},
      month = {7},
      }
  • Bernhard Hoisl and Stefan Sobernig and Mark Strembeck, "Modeling and Enforcing Secure Object Flows in Process-driven SOAs: An Integrated Model-driven Approach," Software and Systems Modeling, 2012. BibTeX | PDF
    @ARTICLE{Hoisl2012b,
      Author = {Bernhard Hoisl and Stefan Sobernig and Mark Strembeck},
      title = {Modeling and Enforcing Secure Object Flows in Process-driven SOAs: An Integrated Model-driven Approach},
      journal = {Software and Systems Modeling},
      year = {2012},
      month = {4},
      pdf = {Hoisl Modeling and Enforcing paper.pdf},
      publisher = {Springer},
      }
  • Stefan Fenz, "An ontology-based approach for constructing Bayesian networks," Data and Knowledge Engineering, vol. 73, pp. 73-88, 2012. BibTeX
    @ARTICLE{Fenz_An_ontology_based_approach_for_2012,
      Author = {Stefan Fenz},
      title = {An ontology-based approach for constructing Bayesian networks},
      journal = {Data and Knowledge Engineering},
      year = {2012},
      month = {3},
      abstract = {Bayesian networks are commonly used for determining the probability of events that are influenced by various variables. Bayesian probabilities encode degrees of belief about certain events},
      volume = {73},
      pages = {73-88},
      }
  • Katharina Krombholz and Dieter Merkl and Edgar R. Weippl, "Fake Identities in Social Media: A Case Study on the Sustainability of the Facebook Business Model," Journal of Service Science Research, 2012. BibTeX | PDF
    @ARTICLE{_Fake_Identities_in_Social_Medi_2012,
      Author = {Katharina Krombholz and Dieter Merkl and {Edgar R.} Weippl},
      title = {Fake Identities in Social Media: A Case Study on the Sustainability of the Facebook Business Model},
      journal = {Journal of Service Science Research},
      year = {2012},
      month = {12},
      pdf = {krombholzetal2012.pdf},
      }
  • Stefan Fenz and Andreas Ekelhart and Thomas Neubauer, "Information Security Risk Management: In which security solutions is it worth investing?," Communications of the Association for Information Systems, vol. 28, pp. 329-356, 2011. BibTeX | PDF
    @ARTICLE{Fenz2011a,
      Author = {Stefan Fenz and Andreas Ekelhart and Thomas Neubauer},
      title = {Information Security Risk Management: In which security solutions is it worth investing?},
      journal = {Communications of the Association for Information Systems},
      year = {2011},
      month = {5},
      pdf = {2011 - Fenz - Information Security Risk Management In Which Security Solutions Is It Worth Investing.pdf},
      volume = {28},
      pages = {329-356},
      }
  • Mark Strembeck and Jan Mendling, "Modeling Process-related RBAC Models with Extended UML Activity Models," Information and Software Technology, vol. 37, 2011. BibTeX | PDF
  • A. Mladenow and K. Fröschl, "Kooperative Forschung. Eine intermediäre Perspektive IKT-gestützter Koordinationsmodelle für den universitären Wissens- und Technologietransfer," Electronic Business series, vol. 6, 2011. BibTeX
    @ARTICLE{_Kooperative_Forschung_Eine_int_2011,
      Author = {A. Mladenow and K. Fröschl},
      title = {Kooperative Forschung. Eine intermediäre Perspektive IKT-gestützter Koordinationsmodelle für den universitären Wissens- und Technologietransfer},
      journal = {Electronic Business series },
      year = {2011},
      month = {0},
      volume = {6},
      }
  • Stefan Fenz and Simon Parkin and Aad van Moorsel, "Do we have to reinvent the security wheel at every organization?," IT Professional, 2011. BibTeX
    @ARTICLE{Fenz_Do_we_have_to_reinvent_the_sec_2011,
      Author = {Stefan Fenz and Simon Parkin and Aad van Moorsel},
      title = {Do we have to reinvent the security wheel at every organization?},
      journal = {IT Professional},
      year = {2011},
      month = {0},
      note = {not published yet},
      }
  • Stefan Fenz and Simon Parkin and Aad van Moorsel, "A Community Knowledge Base for IT Security," IT Professional, vol. 13, iss. 3, pp. 24-30, 2011. BibTeX
    @ARTICLE{Fenz2011b,
      Author = {Stefan Fenz and Simon Parkin and Aad van Moorsel},
      title = {A Community Knowledge Base for IT Security},
      journal = {IT Professional},
      year = {2011},
      month = {5},
      abstract = {Does every organization need to reinvent the wheel when it comes to IT security? Not if the IT community can develop a formal knowledge base for sharing and applying IT security management knowledge.},
      volume = {13},
      number = {3},
      pages = {24-30},
      }
  • Thomas Neubauer and Markus Pehn, "Workshop-based Security Safeguard Selection with AURUM," International Journal On Advances in Security, vol. 3, 2011. BibTeX
    @ARTICLE{Neubauer_Workshop_based_Security_Safegu_2011,
      Author = {Thomas Neubauer and Markus Pehn},
      title = {Workshop-based Security Safeguard Selection with AURUM},
      journal = {International Journal On Advances in Security},
      year = {2011},
      month = {3},
      volume = {3},
      note = {According to BIB should be B rated but Journal not found},
      }
  • Maria Leitner and Juergen Mangler and Stefanie Rinderle-Ma, "SPRINT Responsibilities: Design and Development of Security," Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications JoWUA, vol. 2, iss. 4, 2011. BibTeX | PDF
    @ARTICLE{Leitner_SPRINT_Responsibilities_Design_2011,
      Author = {Maria Leitner and Juergen Mangler and Stefanie Rinderle-Ma},
      title = {SPRINT Responsibilities: Design and Development of Security},
      journal = {Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications JoWUA},
      year = {2011},
      month = {12},
      pdf = {paper_mangler_2011.pdf},
      volume = {2},
      number = {4},
      }
  • Markus Huber and Martin Schmiedecker and Gerhard Kitzler and Sigrun Goluch and Edgar R. Weippl, "Friend-in-the-middle Attacks: Exploiting Social Networking Sites for Spam," IEEE Internet Computing: Special Issue on Security and Privacy in Social Networks, 2011. BibTeX | PDF
    @ARTICLE{Huber_Friend_in_the_middle_Attacks_E_2011,
      Author = {Markus Huber and Martin Schmiedecker and Gerhard Kitzler and Sigrun Goluch and {Edgar R.} Weippl},
      title = {Friend-in-the-middle Attacks: Exploiting Social Networking Sites for Spam},
      journal = {IEEE Internet Computing: Special Issue on Security and Privacy in Social Networks},
      year = {2011},
      month = {5},
      pdf = {FITM_InternetComputing_preprint.pdf},
      note = {Pre Print},
      }
  • Hannes Obweger and Josef Schiefer and Martin Suntinger and Peter Kepplinger, "Model-Driven Rule Composition for Event-Based Systems," International Journal of Business Process Integration and Management, 2011. BibTeX | PDF
    @ARTICLE{Obweger_Model_Driven_Rule_Composition__2011,
      Author = {Hannes Obweger and Josef Schiefer and Martin Suntinger and Peter Kepplinger},
      title = {Model-Driven Rule Composition for Event-Based Systems},
      journal = {International Journal of Business Process Integration and Management},
      year = {2011},
      month = {10},
      pdf = {IJBPIM050405 OBWEGER.pdf},
      note = {In Press},
      }
  • Stefan Fenz, "Increasing Knowledge Capturing Efficiency by Enterprise Portals," VINE Journal, 2011. BibTeX | PDF
    @ARTICLE{_Increasing_Knowledge_Capturing_2011,
      Author = {Stefan Fenz},
      title = {Increasing Knowledge Capturing Efficiency by Enterprise Portals},
      journal = {VINE Journal },
      year = {2011},
      month = {10},
      pdf = {sigproc-KCAPsample.pdf},
      }
  • Nenad Jovanovic and Christopher Kruegel and Engin Kirda, "Static analysis for detecting taint-style vulnerabilities in web applications," Journal of Computer Security, vol. 18, 2010. BibTeX
    @ARTICLE{Jovanovic_Static_analysis_for_detecting__2010,
      Author = {Nenad Jovanovic and Christopher Kruegel and Engin Kirda},
      title = {Static analysis for detecting taint-style vulnerabilities in web applications},
      journal = {Journal of Computer Security},
      year = {2010},
      month = {0},
      volume = {18},
      }
  • Simon Tjoa and Stefan Jakoubi and Gernot Goluch and Gerhard Kitzler and Sigrun Goluch and Gerald Quirchmayr, "A Formal Approach Enabling Risk-aware Business Process Modeling and Simulation," IEEE Transactions on Services Computing, 2010. BibTeX | PDF
    @ARTICLE{Tjoa2010a,
      Author = {Simon Tjoa and Stefan Jakoubi and Gernot Goluch and Gerhard Kitzler and Sigrun Goluch and Gerald Quirchmayr},
      title = {A Formal Approach Enabling Risk-aware Business Process Modeling and Simulation},
      journal = {IEEE Transactions on Services Computing},
      year = {2010},
      month = {4},
      pdf = {Tjoa_TSC2010.pdf},
      }
  • Mark Strembeck, "Scenario-Driven Role Engineering," IEEE Security and Privacy, vol. 8, iss. 1, 2010. BibTeX
    @ARTICLE{Strembeck_Scenario_Driven_Role_Engineeri_2010,
      Author = {Mark Strembeck},
      title = {Scenario-Driven Role Engineering},
      journal = {IEEE Security and Privacy},
      year = {2010},
      month = {2},
      volume = {8},
      number = {1},
      }
  • Martin Schmiedecker and Markus Huber and Edgar R. Weippl, "Anonymity and Monitoring: How to Monitor the Infrastructure of an Anonymity System," IEEE Transactions on Systems, Man, and Cybernetics, Part C: Applications and Reviews, pp. 539-546, 2010. BibTeX | PDF
    @ARTICLE{Mulazzani_Anonymity_and_Monitoring_How_t_2010,
      Author = {Martin Schmiedecker and Markus Huber and {Edgar R.} Weippl},
      title = {Anonymity and Monitoring: How to Monitor the Infrastructure of an Anonymity System},
      journal = {IEEE Transactions on Systems, Man, and Cybernetics, Part C: Applications and Reviews},
      year = {2010},
      month = {9},
      pdf = {IEEE_SMC_Tor_finalPreprint.pdf},
      pages = {539-546},
      }
  • Johannes Heurix and Thomas Neubauer, "A methodology for the pseudonymization of medical data," International Journal of Medical Informatics, vol. 80, pp. 190-204, 2010. BibTeX
    @ARTICLE{Neubauer_A_methodology_for_the_pseudony_2010,
      Author = {Johannes Heurix and Thomas Neubauer},
      title = {A methodology for the pseudonymization of medical data},
      journal = {International Journal of Medical Informatics},
      year = {2010},
      month = {10},
      volume = {80},
      pages = {190-204},
      }
  • Thomas Neubauer, "Pseudonymisierung fuer die datenschutzkonforme Speicherung medizinischer Daten," Elektrotechnik und Informationstechnik, 2010. BibTeX
    @ARTICLE{Neubauer_Pseudonymisierungfuerdie_2010,
      Author = {Thomas Neubauer},
      title = {Pseudonymisierung fuer die datenschutzkonforme Speicherung medizinischer Daten},
      journal = {Elektrotechnik und Informationstechnik},
      year = {2010},
      month = {1},
      }
  • Thomas Neubauer and Johannes Heurix and A Min Tjoa and Edgar R. Weippl, "Pseudonymisierung für die datenschutzkonforme Speicherung medizinischer Daten," Elektrotechnik und Informationstechnik, vol. 127, iss. 5, pp. 135-142, 2010. BibTeX
    @ARTICLE{Neubauer_Pseudonymisierung_f_r_die_date_2010,
      Author = {Thomas Neubauer and Johannes Heurix and {A Min} Tjoa and {Edgar R.} Weippl},
      title = {Pseudonymisierung für die datenschutzkonforme Speicherung medizinischer Daten},
      journal = {Elektrotechnik und Informationstechnik},
      year = {2010},
      month = {5},
      volume = {127},
      number = {5},
      pages = {135-142},
      }
  • Muhammad Asfand e yar and Amin Anjomshoaa and Edgar R. Weippl and A Min Tjoa, "Exploiting Ontology for Software License Agreements," International Journal of Software and Informatics (IJSI), vol. 4, iss. 1, pp. 1-12, 2010. BibTeX
    @ARTICLE{Asfand-e-yar_Exploiting_Ontology_for_Softwa_2010,
      Author = {Muhammad Asfand e yar and Amin Anjomshoaa and {Edgar R.} Weippl and {A Min} Tjoa},
      title = {Exploiting Ontology for Software License Agreements},
      journal = {International Journal of Software and Informatics (IJSI)},
      year = {2010},
      month = {3},
      volume = {4},
      number = {1},
      pages = {1--12},
      note = {According to Aminwithin Reporting Timeframe},
      }
  • Amin Anjomshoaa and Khue Vo Sao and Amirreza Tahamtan and A Min Tjoa and Edgar R. Weippl, "Self-Monitoring in Social Networks," Special issue for the International Journal of Intelligent Information and Database Systems (IJIIDS), 2010. BibTeX
    @ARTICLE{Anjomshoaa_Self_Monitoring_in_Social_Netw_2010,
      Author = {Amin Anjomshoaa and Khue Vo Sao and Amirreza Tahamtan and {A Min} Tjoa and {Edgar R.} Weippl},
      title = {Self-Monitoring in Social Networks},
      journal = {Special issue for the International Journal of Intelligent Information and Database Systems (IJIIDS)},
      year = {2010},
      month = {0},
      note = {According to Aminwithin Reporting Timeframe},
      }
  • Stefan Fenz and Andreas Ekelhart, "Verification, Validation, and Evaluation in Information Security Risk Management," IEEE Security and Privacy, vol. 8, pp. 18-25, 2010. BibTeX
    @ARTICLE{Fenz_Verification_Validation_and_Ev_2010,
      Author = {Stefan Fenz and Andreas Ekelhart},
      title = {Verification, Validation, and Evaluation in Information Security Risk Management},
      journal = {IEEE Security and Privacy},
      year = {2010},
      month = {11},
      volume = {8},
      pages = {18-25},
      publisher = {IEEE Computer Society},
      }
  • Stefan Brunthaler, "Virtual-Machine Abstraction and Optimization Techniques," Electronic Notes in Theoretical Computer Science, vol. 253/5, 2009. BibTeX | PDF
    @ARTICLE{Brunthaler2009VirtualMachine,
      Author = {Stefan Brunthaler},
      title = {Virtual-Machine Abstraction and Optimization Techniques},
      journal = {Electronic Notes in Theoretical Computer Science},
      year = {2009},
      month = {0},
      pdf = {bytecode09.pdf},
      volume = {253/5},
      }
  • Thomas Neubauer and Christian Stummer, "Interaktive Portfolioauswahl im IT-Servicemanagement," HMD – Praxis der Wirtschaftsinformatik, vol. 256, pp. 48-55, 2009. BibTeX
    @ARTICLE{Neubauer_InteraktivePortfolioauswahlim_2009,
      Author = {Thomas Neubauer and Christian Stummer},
      title = {Interaktive Portfolioauswahl im IT-Servicemanagement},
      journal = {HMD - Praxis der Wirtschaftsinformatik},
      year = {2009},
      month = {1},
      volume = {256},
      pages = {48-55},
      }
  • Mark Strembeck and Uwe Zdun, "An Approach for the Systematic Development of Domain-Specific Languages," Software: Practice and Experience (SP&E), vol. 39, iss. 15, 2009. BibTeX
    @ARTICLE{Strembeck_An_Approach_for_the_Systematic_2009,
      Author = {Mark Strembeck and Uwe Zdun},
      title = {An Approach for the Systematic Development of Domain-Specific Languages},
      journal = {Software: Practice and Experience (SP&E)},
      year = {2009},
      month = {10},
      volume = {39},
      number = {15},
      }
  • Thomas Neubauer, "An Empirical Study about the Status of Business Process Management," Business Process Management Journal, vol. 15, iss. 2, pp. 166-183, 2009. BibTeX
    @ARTICLE{Neubauer_EmpiricalStudyabout_2009,
      Author = {Thomas Neubauer},
      title = {An Empirical Study about the Status of Business Process Management},
      journal = {Business Process Management Journal},
      year = {2009},
      month = {1},
      volume = {15},
      number = {2},
      pages = {166-183},
      }
  • Thomas Neubauer and Christian Stummer, "Interactive selection of Web services under multiple objectives," Information Technology and Management, 2009. BibTeX
    @ARTICLE{Neubauer_Interactiveselectionof_2009,
      Author = {Thomas Neubauer and Christian Stummer},
      title = {Interactive selection of Web services under multiple objectives},
      journal = {Information Technology and Management},
      year = {2009},
      month = {1},
      abstract = {Abstract\ \ The manual composition of efficient combinations of Web services becomes almost impossible as the number of services increases dramatically. When determining an appropriate set of services, managers must take into consideration given business processes, business strategy and multiple Quality of Service (QoS) objectives while ensuring the cost-efficient usage of limited resources. Because the agility with which new business requirements are adapted has a major influence on business success and poor investment decisions may thus entail corporate failure, decision makers are experiencing growing pressure to prove the value of IT investments---but they often lack appropriate multicriteria decision support tools. This paper introduces a new decision support approach that more properly addresses these challenges. We implemented this approach into a tool and evaluated the performance of two popular methods (i.e., the Analytic Hierarchy Process and the Weighted Scoring Method) by means of a real-life case study in the social security sector. It turns out that the decision support system assists decision makers in identifying investments that more precisely target their company's business needs by allowing them to interactively determine and continually optimize service allocation according to the corporate business processes and multiple (strategic) objectives.},
      }
  • Thomas Neubauer and Bernhard Riedl and Veronika Grascher, "A Secure e-Health Architecture based on the Appliance of Pseudonymization," Journal of Software, 2008. BibTeX
    @ARTICLE{Riedl_SecureeHealthArchitecture_2008,
      Author = {Thomas Neubauer and Bernhard Riedl and Veronika Grascher},
      title = {A Secure e-Health Architecture based on the Appliance of Pseudonymization},
      journal = {Journal of Software},
      year = {2008},
      month = {1},
      }
  • Stefan Fenz and Edgar R. Weippl and Andreas Ekelhart and Gernot Goluch and Markus Steinkellner, "XML Security – A comparative literature review," Journal of Systems and Software, vol. 81, pp. 1715-1724, 2008. BibTeX
    @ARTICLE{Ekelhart_XMLSecurity_2008,
      Author = {Stefan Fenz and {Edgar R.} Weippl and Andreas Ekelhart and Gernot Goluch and Markus Steinkellner},
      title = {XML Security - A comparative literature review},
      journal = {Journal of Systems and Software},
      year = {2008},
      month = {1},
      volume = {81},
      pages = {1715-1724},
      note = {ISSN: 0164-1212},
      }
  • A Min Tjoa and Amin Anjomshoaa and Mansoor Ahmed, "Context-Based Privacy Management of Personal Information Using Semantic Desktop: SemanticLIFE Case Study," Proceedings of the 10th International Conference on Informationb Integration and Web-based Application & Services, pp. 214-221, 2008. BibTeX
    @ARTICLE{TUW-168902,
      Author = {{A Min} Tjoa and Amin Anjomshoaa and Mansoor Ahmed},
      title = {Context-Based Privacy Management of Personal Information Using Semantic Desktop: SemanticLIFE Case Study},
      journal = {Proceedings of the 10th International Conference on Informationb Integration and Web-based Application {\&} Services},
      year = {2008},
      month = {1},
      pages = {214--221},
      publisher = {Oesterreichische Computer Geselschaft},
      note = {Vortrag: iiWAS 2008, Linz; 2008-11-24 -- 2008-11-26},
      }
  • Christopher Kruegel and Engin Kirda and Sean McAllister, "Leveraging User Interactions for In-Depth Testing of Web Applications," RAID ’08: Proceedings of the 11th international symposium on Recent Advances in Intrusion Detection, pp. 191-210, 2008. BibTeX
    @ARTICLE{1433021,
      Author = {Christopher Kruegel and Engin Kirda and Sean McAllister},
      title = {Leveraging User Interactions for In-Depth Testing of Web Applications},
      journal = {RAID '08: Proceedings of the 11th international symposium on Recent Advances in Intrusion Detection},
      year = {2008},
      month = {1},
      pages = {191--210},
      publisher = {Springer-Verlag},
      }
  • Edgar R. Weippl, "Cyber Attacks and the article 5 of the Treaty of NATO," Euro Atlantic Quarterly, p. 22, 2008. BibTeX
    @ARTICLE{weippl_gca,
      Author = {{Edgar R.} Weippl},
      title = {Cyber Attacks and the article 5 of the Treaty of NATO},
      journal = {Euro Atlantic Quarterly},
      year = {2008},
      month = {1},
      pages = {22},
      note = {ISSN 1336-8761},
      }
  • Johannes Heurix and Thomas Neubauer, "Multiobjective Decision Support for defining Secure Business Processes: A Case Study," International Journal of Business Intelligence and Data Mining, vol. 3, iss. 2, pp. 177-195, 2008. BibTeX
    @ARTICLE{Neubauer_MultiobjectiveDecisionSupport_2008_full,
      Author = {Johannes Heurix and Thomas Neubauer},
      title = {Multiobjective Decision Support for defining Secure Business Processes: A Case Study},
      journal = {International Journal of Business Intelligence and Data Mining},
      year = {2008},
      month = {1},
      volume = {3},
      number = {2},
      pages = {177-195},
      publisher = {OCG},
      }
  • Mark Strembeck and Uwe Zdun, "Modeling Interdependent Concern Behavior Using Extended Activity Models," Journal of Object Technology (JOT), vol. 7, iss. 6, 2008. BibTeX
    @ARTICLE{Zdun_Modeling_Interdependent_Concer_2008,
      Author = {Mark Strembeck and Uwe Zdun},
      title = {Modeling Interdependent Concern Behavior Using Extended Activity Models},
      journal = {Journal of Object Technology (JOT)},
      year = {2008},
      month = {7},
      volume = {7},
      number = {6},
      }
  • Edgar R. Weippl, "Security Considerations in M-Learning: Threats and Countermeasures," Advanced Technology for Learning, vol. 4, iss. 2, pp. 1-7, 2007. BibTeX
    @ARTICLE{Weippl_SecurityConsiderationsin_2007,
      Author = {{Edgar R.} Weippl},
      title = {Security Considerations in M-Learning: Threats and Countermeasures},
      journal = {Advanced Technology for Learning},
      year = {2007},
      month = {1},
      volume = {4},
      number = {2},
      pages = {1--7},
      publisher = {Acta Press},
      }
  • Edgar R. Weippl, "Dependability in E-Assessment," International Journal on E-Learning, vol. 6, iss. 2, 2007. BibTeX
    @ARTICLE{Weippl_DependabilityinEAssessment_2007,
      Author = {{Edgar R.} Weippl},
      title = {Dependability in E-Assessment},
      journal = {International Journal on E-Learning},
      year = {2007},
      month = {1},
      volume = {6},
      number = {2},
      publisher = {AACE},
      }
  • Andreas Ekelhart and Stefan Fenz and Gernot Goluch and Markus Klemen and Edgar R. Weippl, "Architectural approach for handling semi-structured data in a user-centered working environment," International Journal of Web Information Systems, vol. 3, pp. 198-211, 2007. BibTeX | PDF
    @ARTICLE{Ekelhart_Architecturalapproachhandling_2007,
      Author = {Andreas Ekelhart and Stefan Fenz and Gernot Goluch and Markus Klemen and {Edgar R.} Weippl},
      title = {Architectural approach for handling semi-structured data in a user-centered working environment},
      journal = {International Journal of Web Information Systems},
      year = {2007},
      month = {1},
      pdf = {2007 - Ekelhart - Architectural Approach for Handling Semi-Structured Data in a User-Centered Working Environment.pdf},
      volume = {3},
      pages = {198--211},
      }
  • Thomas Neubauer and Bernhard Riedl and Thomas Mueck, "Pseudonymisierung zur sicheren Umsetzung des elektronischen Gesundheitsakts," OCG Journal, vol. 4, 2007. BibTeX
    @ARTICLE{Neubauer_Pseudonymisierungzursicheren_2007,
      Author = {Thomas Neubauer and Bernhard Riedl and Thomas Mueck},
      title = {Pseudonymisierung zur sicheren Umsetzung des elektronischen Gesundheitsakts},
      journal = {OCG Journal},
      year = {2007},
      month = {1},
      volume = {4},
      }
  • Gerald Quirchmayr and Simon Tjoa and Stefan Jakoubi, "Enabling the Risk-Aware Modeling and Simulation of Business Processes," JISSec – Journal of Information System Security, 2007. BibTeX
    @ARTICLE{Jakoubi_EnablingRiskAwareModeling_2007,
      Author = {Gerald Quirchmayr and Simon Tjoa and Stefan Jakoubi},
      title = {Enabling the Risk-Aware Modeling and Simulation of Business Processes},
      journal = {JISSec - Journal of Information System Security},
      year = {2007},
      month = {1},
      abstract = {Risk management is essential regarding the maintenance of a company's business processes. The ability of companies to prevent risks as well as to respond quickly and appropriately to emerging threats is increasingly becoming a crucial success factor. In order to cope with these challenges, companies constitute business process and risk management approaches. Traditional business process management focuses on the economical optimization of processes. Apart from that, risk management provides the design of robust business processes to strengthen the resilience of daily business. Both domains aim at improving business performance, but they approach this goal from a different view on the understanding of improvement. Due to the fact that optimizing recommendations of business process management and risk management may be contradictory, we propose one unified method which integrates both points of views to enable risk-aware business process management and optimization. In this paper, we introduce the ROPE (Risk-Oriented Process Evaluation) methodology which combines capabilities of business process management, risk management and business continuity management to support the holistic evaluation of business processes not only regarding their economic efficiency but also their robustness and security. The basis for this combination is the refinement of business process activities into four atomic elements (Conditions, Actions, Resources and Environments) and a process-oriented way of modeling threats, preventive and reactive counter measures as well as recovery measures. In this paper we demonstrate how risk-aware business process management and simulation can be enabled through the application of the ROPE methodology.},
      }
  • Mark Strembeck and Uwe Zdun and Gustaf Neumann, "Object-based and class-based composition of transitive mixins," Information and Software Technology, vol. 49, iss. 8, 2007. BibTeX
    @ARTICLE{Zdun_Object_based_and_class_based_c_2007,
      Author = {Mark Strembeck and Uwe Zdun and Gustaf Neumann},
      title = {Object-based and class-based composition of transitive mixins},
      journal = {Information and Software Technology},
      year = {2007},
      month = {8},
      volume = {49},
      number = {8},
      }
  • Christopher Kruegel and Engin Kirda and Ulrich Bayer and Andreas Moser, "Dynamic Analysis of Malicious Code," Journal in Computer Virology, 2006. BibTeX
    @ARTICLE{Bayer_DynamicAnalysisof_2006,
      Author = {Christopher Kruegel and Engin Kirda and Ulrich Bayer and Andreas Moser},
      title = {Dynamic Analysis of Malicious Code},
      journal = {Journal in Computer Virology},
      year = {2006},
      month = {1},
      abstract = {Malware analysis is the process of determining the purpose and functionality of a given malware sample (such as a virus, worm, or Trojan horse). This process is a necessary step to be able to develop effective detection techniques for malicious code. In addition, it is an important prerequisite for the development of removal tools that can thoroughly delete malware from an infected machine. Traditionally, malware analysis has been a manual process that is tedious and time-intensive. Unfortunately, the number of samples that need to be analyzed by security vendors on a daily basis is constantly increasing. This clearly reveals the need for tools that automate and simplify parts of the analysis process. In this paper, we present TTAnalyze, a tool for dynamically analyzing the behavior of Windows executables. To this end, the binary is run in an emulated operating system environment and its (security-relevant) actions are monitored. In particular, we record the Windows native system calls and Windows API functions that the program invokes. One important feature of our system is that it does not modify the program that it executes (e.g., through API call hooking or breakpoints), making it more difficult to detect by malicious code. Also, our tool runs binaries in an unmodified Windows environment, which leads to excellent emulation accuracy. These factors make TTAnalyze an ideal tool for quickly understanding the behavior of an unknown malware.},
      publisher = {Springer Computer Science},
      }
  • Edgar R. Weippl, "On the Use of Test Centers in e-Assessment," eLearning Reports, iss. 7, 2006. BibTeX
    @ARTICLE{Weippl_UseofTest_2006,
      Author = {{Edgar R.} Weippl},
      title = {On the Use of Test Centers in e-Assessment},
      journal = {eLearning Reports},
      year = {2006},
      month = {2},
      volume = {0},
      number = {7},
      }
  • Edgar R. Weippl and Mathias Strasser, "Sarbanes-Oxley Act Compliance: Strategies for Implementing a Audit Committee Complaints Procedure," Information Systems Control Journal, vol. 4, iss. 10, 2006. BibTeX
    @ARTICLE{Weippl_SarbanesOxleyActCompliance_2006,
      Author = {{Edgar R.} Weippl and Mathias Strasser},
      title = {Sarbanes-Oxley Act Compliance: Strategies for Implementing a Audit Committee Complaints Procedure},
      journal = {Information Systems Control Journal},
      year = {2006},
      month = {8},
      volume = {4},
      number = {10},
      publisher = {ISACA},
      }
  • A Min Tjoa and Edgar R. Weippl and Andreas Holzinger, "Security Aspects of Ubiquitous Computing in Health Care," e\&i, vol. 2006, iss. 4, pp. 156-161, 2006. BibTeX
    @ARTICLE{Weippl_SecurityAspectsof_2006,
      Author = {{A Min} Tjoa and {Edgar R.} Weippl and Andreas Holzinger},
      title = {Security Aspects of Ubiquitous Computing in Health Care},
      journal = {e\&i},
      year = {2006},
      month = {1},
      volume = {2006},
      number = {4},
      pages = {156--161},
      publisher = {Springer Verlag},
      note = {http://dx.doi.org/10.1007/s00502-006-0336},
      }
  • Stefan Biffl and Thomas Neubauer, "Geschäftsprozessmanagement -Eine empirische Studie zum Status quo in Österreich, der Schweiz und Deutschland," OCG Journal, vol. 5, 2005. BibTeX
    @ARTICLE{Neubauer_GeschaftsprozessmanagementEineempirische_2005,
      Author = {Stefan Biffl and Thomas Neubauer},
      title = {Gesch\"aftsprozessmanagement -{E}ine empirische {S}tudie zum {S}tatus quo in \"Osterreich, der {S}chweiz und {D}eutschland},
      journal = {O{CG} {J}ournal},
      year = {2005},
      month = {1},
      volume = {5},
      }
  • A Min Tjoa and Edgar R. Weippl and Tho Manh Nguyen and Peter Brezany, "Toward a Grid-Based Zero-Latency Data Warehousing Implementation for Continuous Data Streams Processing," International Journal of Data Warehousing and Mining, vol. 1, iss. 4, pp. 22-55, 2005. BibTeX
    @ARTICLE{Nguyen_TowardGridBasedZeroLatency_2005,
      Author = {{A Min} Tjoa and {Edgar R.} Weippl and {Tho Manh} Nguyen and Peter Brezany},
      title = {Toward a Grid-Based Zero-Latency Data Warehousing Implementation for Continuous Data Streams Processing},
      journal = {International Journal of Data Warehousing and Mining},
      year = {2005},
      month = {1},
      volume = {1},
      number = {4},
      pages = {22-55},
      publisher = {Idea Group},
      }
  • Edgar R. Weippl, "On the Use of Test Centers in E-Assessment," published in elearningreports.com, 2005. BibTeX
    @ARTICLE{Weippl_UseofTest_2005,
      Author = {{Edgar R.} Weippl},
      title = {On the Use of Test Centers in E-Assessment},
      journal = {published in elearningreports.com},
      year = {2005},
      month = {1},
      }
  • Edgar R. Weippl, "Security in E-Learning," ACM ELearn Magazine, 2005. BibTeX | PDF
    @ARTICLE{Weippl_SecurityinELearning_2005,
      Author = {{Edgar R.} Weippl},
      title = {Security in E-Learning},
      journal = {ACM ELearn Magazine},
      year = {2005},
      month = {1},
      pdf = {p431-khan.pdf},
      acm = {867458},
      }
  • A Min Tjoa and Edgar R. Weippl, "Privacy in E-Learning: Anonymity, Pseudonyms and Authenticated Usage," Interactive Technology and Smart Education (ITSE), vol. 2005, iss. 2, pp. 247-256, 2005. BibTeX
    @ARTICLE{Weippl_PrivacyinELearning_2005,
      Author = {{A Min} Tjoa and {Edgar R.} Weippl},
      title = {Privacy in E-Learning: Anonymity, Pseudonyms and Authenticated Usage},
      journal = {Interactive Technology and Smart Education (ITSE)},
      year = {2005},
      month = {1},
      volume = {2005},
      number = {2},
      pages = {247--256},
      publisher = {Troubador Publishing Ltd.},
      }
  • Edgar R. Weippl and Wolfgang Essmayr and Stefan Probst, "Role-Based Access Controls: Status, Dissemination, and Prospects for Generic Security Mechanisms," International Journal of Electronic Commerce Research, vol. 4, iss. 1, pp. 127-156, 2004. BibTeX
    @ARTICLE{weippl_ae,
      Author = {{Edgar R.} Weippl and Wolfgang Essmayr and Stefan Probst},
      title = {Role-Based Access Controls: Status, Dissemination, and Prospects for Generic Security Mechanisms},
      journal = {International Journal of Electronic Commerce Research},
      year = {2004},
      month = {1},
      volume = {4},
      number = {1},
      pages = {127--156},
      publisher = {Kluwer},
      }
  • Edgar R. Weippl, "Security in Mobile Multimedia," Journal of Communication Engineering, vol. 1, iss. 1, pp. 59-69, 2004. BibTeX
    @ARTICLE{weippl_ag,
      Author = {{Edgar R.} Weippl},
      title = {Security in Mobile Multimedia},
      journal = {Journal of Communication Engineering},
      year = {2004},
      month = {1},
      volume = {1},
      number = {1},
      pages = {59--69},
      note = {ISSN 1693-5152},
      }
  • Edgar R. Weippl and Wolfgang Essmayr and Ludwig Klug, "A New Approach to Secure Federated Information Bases using Agent Technology," Journal of Database Management, Kluwer, vol. 14, iss. 1, pp. 48-68, 2003. BibTeX
    @ARTICLE{weippl_af,
      Author = {{Edgar R.} Weippl and Wolfgang Essmayr and Ludwig Klug},
      title = {A New Approach to Secure Federated Information Bases using Agent Technology},
      journal = {Journal of Database Management, Kluwer},
      year = {2003},
      month = {1},
      volume = {14},
      number = {1},
      pages = {48--68},
      }
  • Edgar R. Weippl and Wolfgang Essmayr, "Personal Trusted Devices for web services: Revisiting Multilevel Security," Mobile Networks and Applications, Kluwer, vol. 8, iss. 2, pp. 151-157, 2003. BibTeX
    @ARTICLE{weippl_aa,
      Author = {{Edgar R.} Weippl and Wolfgang Essmayr},
      title = {Personal Trusted Devices for web services: Revisiting Multilevel Security},
      journal = {Mobile Networks and Applications, Kluwer},
      year = {2003},
      month = {1},
      volume = {8},
      number = {2},
      pages = {151--157},
      }
  • Edgar R. Weippl, "The Transition from E-commerce to M-commerce: Why Security should be the enabling technology," Journal of Information Technology Theory and Application (JITTA), vol. 3, iss. 4, pp. 17-19, 2001. BibTeX
    @ARTICLE{weippl_ga,
      Author = {{Edgar R.} Weippl},
      title = {The Transition from E-commerce to M-commerce: Why Security should be the enabling technology},
      journal = {Journal of Information Technology Theory and Application (JITTA)},
      year = {2001},
      month = {1},
      volume = {3},
      number = {4},
      pages = {17--19},
      note = {\url{http://peffers.net/journal/volume3_4/ecpreface.pdf}},
      }

book

  • Dietmar Winkler and Stefan Biffl and Johannes Bergsmann, Software Quality. The Future of Software Quality: Proceedings of the 8th International Conference, SWQD 2016, , 2015. BibTeX
    @BOOK{Winkler2015Software,
      Author = {Dietmar Winkler and Stefan Biffl and Johannes Bergsmann},
      title = {Software Quality. The Future of Software Quality: Proceedings of the 8th International Conference, SWQD 2016},
      booktitle = {8th Software Quality Days},
      year = {2015},
      month = {12},
      }
  • Stefan Proell and Eva Zangerle and Wolfgang Gassler, MySQL 5.7: Das umfassende Handbuch, Rheinwerk Computing, 2015. BibTeX
    @BOOK{Proell2015MySQL,
      Author = {Stefan Proell and Eva Zangerle and Wolfgang Gassler},
      title = {MySQL 5.7: Das umfassende Handbuch},
      booktitle = {Galileo Computing},
      year = {2015},
      month = {5},
      publisher = {Rheinwerk Computing},
      }
  • Edgar R. Weippl and Joe Luca, ED-MEDIA Conference Proceedings, AACE, 2008. BibTeX
    @BOOK{Weippl_EDMEDIAConferenceProceedings_2008,
      Author = {{Edgar R.} Weippl and Joe Luca},
      title = {ED-MEDIA Conference Proceedings},
      year = {2008},
      month = {1},
      publisher = {AACE},
      }
  • Edgar R. Weippl and Simon Tjoa and Stefan Jakoubi, ARES Conference Proceedings, IEEE, 2008. BibTeX
    @BOOK{Tjoa_ARESConferenceProceedings_2008,
      Author = {{Edgar R.} Weippl and Simon Tjoa and Stefan Jakoubi},
      title = {ARES Conference Proceedings},
      year = {2008},
      month = {1},
      publisher = {IEEE},
      }
  • Edgar R. Weippl, Security in E-Learning, Springer NY, 2005. BibTeX
    @BOOK{Weippl_SecurityinELearning_2005b,
      Author = {{Edgar R.} Weippl},
      title = {Security in E-Learning},
      year = {2005},
      month = {1},
      publisher = {Springer NY},
      note = {ISBN 0-387-24341-0, \url{http://www.e-learning-security.org}},
      }

inbook

  • Paris Kitsos and Nicolas Sklavos and Artemios G. Voyiatzis, "Ring Oscillators and Hardware Trojan Detection." Springer International Publishing, 2017, pp. 169-187. BibTeX | PDF
    @INBOOK{Kitsos2017Ring,
      Author = {Paris Kitsos and Nicolas Sklavos and {Artemios G.} Voyiatzis},
      title = {Ring Oscillators and Hardware Trojan Detection},
      booktitle = {Hardware Security and Trust: Design and Deployment of Integrated Circuits in a Threatened Environment},
      year = {2017},
      month = {0},
      pdf = {http://dx.doi.org/10.1007/978-3-319-44318-8_9},
      pages = {169--187},
      publisher = {Springer International Publishing},
      }
  • Stefan Biffl and A. Lüder and Dietmar Winkler, "Multi-Disciplinary Engineering for Industrie 4.0: Semantic Challenges, Needs, and Capabilities." Springer, 2016. BibTeX
    @INBOOK{Biffl2016MultiDisciplinary,
      Author = {Stefan Biffl and A. Lüder and Dietmar Winkler},
      title = {Multi-Disciplinary Engineering for Industrie 4.0: Semantic Challenges, Needs, and Capabilities},
      booktitle = {Biffl S., Sabou M. (Eds.): Semantic Web for Intelligent Engineering Applications},
      year = {2016},
      month = {0},
      publisher = {Springer},
      }
  • Stefan Biffl and Richard Mordiny and Heinrich Steininger and Dietmar Winkler, "Integrationsplattform für anlagenmodellorientiertes Engineering – Bedarfe und Lösungsansätze." Springer, 2016, pp. 1-24. BibTeX | PDF
    @INBOOK{Biffl2016Integrationsplattform,
      Author = {Stefan Biffl and Richard Mordiny and Heinrich Steininger and Dietmar Winkler},
      title = {Integrationsplattform für anlagenmodellorientiertes Engineering - Bedarfe und Lösungsansätze},
      booktitle = {Handbuch Industrie 4.0: Produktion, Automatisierung und Logistik},
      year = {2016},
      month = {0},
      pdf = {http://dx.doi.org/10.1007/978-3-662-45537-1_88-1},
      pages = {1--24},
      publisher = {Springer},
      }
  • Dietmar Winkler and Richard Mordiny and Stefan Biffl, "Qualitätssicherung in heterogenen und verteilten Entwicklungsumgebungen für industrielle Produktionssysteme." Springer, 2016, pp. 1-20. BibTeX | PDF
    @INBOOK{Winkler2016Qualittssicherung,
      Author = {Dietmar Winkler and Richard Mordiny and Stefan Biffl},
      title = {Qualitätssicherung in heterogenen und verteilten Entwicklungsumgebungen für industrielle Produktionssysteme},
      booktitle = {Handbuch Industrie 4.0: Produktion, Automatisierung und Logistik},
      year = {2016},
      month = {0},
      pdf = {http://dx.doi.org/10.1007/978-3-662-45537-1_89-1},
      pages = {1--20},
      publisher = {Springer},
      }
  • Dimitris Simos, "Genetic Algorithms for the Construction of 2^2 and 2^3-Level Response Surface Designs." , 2015, vol. 38. BibTeX | PDF
    @INBOOK{Simos2015Genetic,
      Author = {Dimitris Simos},
      title = {Genetic Algorithms for the Construction of {2^2} and {2^3}-Level Response Surface Designs},
      booktitle = {Engineering and Applied Sciences Optimization, Computational Methods in Applied Sciences},
      year = {2015},
      month = {0},
      pdf = {http://link.springer.com/chapter/10.1007/978-3-319-18320-6_11},
      volume = {38},
      }
  • Najd Ouhajjou and Wolfgang Loibl and Stefan Fenz and A Min Tjoa, "Multi-Actor Urban Energy Planning Support: Building refurbishment and Building-integrated Solar PV." , 2015. BibTeX
    @INBOOK{Ouhajjou2015MultiActor,
      Author = {Najd Ouhajjou and Wolfgang Loibl and Stefan Fenz and {A Min} Tjoa},
      title = {Multi-Actor Urban Energy Planning Support: Building refurbishment and Building-integrated Solar PV},
      booktitle = {Multi-Actor Urban Energy Planning Support: Building refurbishment and Building-integrated Solar PV},
      year = {2015},
      month = {5},
      }
  • Johanna Ullrich and Edgar R. Weippl, "Protection through Isolation: Virtues and Pitfalls." , 2015. BibTeX | PDF
    @INBOOK{Ullrich2015Protection,
      Author = {Johanna Ullrich and {Edgar R.} Weippl},
      title = {Protection through Isolation: Virtues and Pitfalls},
      booktitle = {The Cloud Security Ecosystem},
      year = {2015},
      month = {5},
      pdf = {https://www.safaribooksonline.com/library/view/the-cloud-security/9780128017807/B9780128015957000069.xhtml},
      }
  • Otto Hellwig, "Organisation, Rahmenbedingungen und Kommunikation bei CERTs." Springer, 2015. BibTeX
    @INBOOK{Hellwig2015Organisation,
      Author = {Otto Hellwig},
      title = {Organisation, Rahmenbedingungen und Kommunikation bei CERTs},
      booktitle = {Sicherheit in Cyber-Netzwerken - Computer Emergency Response Teams und ihre Kommunikation},
      year = {2015},
      month = {3},
      publisher = {Springer},
      note = {ISBN 978-3-658-09058-6},
      }
  • Otto Hellwig, "Anforderungen an die Modellierung der Kommunikation von CERTs." Springer, 2015. BibTeX
    @INBOOK{Hellwig2015Anforderungen,
      Author = {Otto Hellwig},
      title = {Anforderungen an die Modellierung der Kommunikation von CERTs},
      booktitle = {Sicherheit in Cyber-Netzwerken - Computer Emergency Response Teams und ihre Kommunikation},
      year = {2015},
      month = {3},
      publisher = {Springer},
      note = {ISBN 978-3-658-09058-6},
      }
  • Bernhard Hoisl and Zhenjiang Hu and Soichiro Hidaka, "Towards Co-Evolution in Model-driven Development via Bidirectional Higher-Order Transformation." , 2014. BibTeX | PDF
    @INBOOK{Hoisl2014Towards,
      Author = {Bernhard Hoisl and Zhenjiang Hu and Soichiro Hidaka},
      title = {Towards Co-Evolution in Model-driven Development via Bidirectional Higher-Order Transformation},
      booktitle = {Communications in Computer and Information Science},
      year = {2014},
      month = {0},
      pdf = {http://nm.wu-wien.ac.at/nm/file/MODELSWARD2014-PP.pdf?m=download},
      }
  • Peter Kieseberg and Heidelinde Hobel and Sebastian Schrittwieser and Edgar R. Weippl and Andreas Holzinger, "Protecting Anonymity in Data-Driven Biomedical Science." , 2014, pp. 301-316. BibTeX | PDF
    @INBOOK{Kieseberg2014Protecting,
      Author = {Peter Kieseberg and Heidelinde Hobel and Sebastian Schrittwieser and {Edgar R.} Weippl and Andreas Holzinger},
      title = {Protecting Anonymity in Data-Driven Biomedical Science},
      booktitle = {Interactive Knowledge Discovery and Data Mining in Biomedical Informatics - State-of-the-Art and Future Challenges},
      year = {2014},
      month = {0},
      pdf = {1v0_KIESEBERG_bookchapter.pdf},
      pages = {301--316},
      }
  • Katharina Krombholz and Peter Fruehwirt and Peter Kieseberg and Ioannis Kapsalis and Markus Huber and Edgar R. Weippl, "QR Code Security: A Survey of Attacks and Challenges for Usable Security." Springer, 2014, pp. 79-90. BibTeX | PDF | Slides
    @INBOOK{Krombholz2014Code,
      Author = {Katharina Krombholz and Peter Fruehwirt and Peter Kieseberg and Ioannis Kapsalis and Markus Huber and {Edgar R.} Weippl},
      title = {QR Code Security: A Survey of Attacks and Challenges for Usable Security},
      booktitle = {Human Aspects of Information Security, Privacy, and Trust},
      year = {2014},
      month = {0},
      pdf = {llncs.pdf},
      pages = {79--90},
      publisher = {Springer},
      link_slides = {http://de.slideshare.net/SBAResearch/qr-code-security-a-survey-of-attacks-and-challenges-for-usable-security},
      }
  • Stefan Fenz and Johannes Heurix and Thomas Neubauer and A Min Tjoa and Gerald Quirchmayr and Alexander Schatten and E. Neuhold and J. Goellner and C. Meurers and W. Hitz, "Cloud-Sicherheit. Leitfaden für Behörden und Klein- und Mittelbetriebe." , 2014. BibTeX | PDF
    @INBOOK{Fenz2014CloudSicherheit,
      Author = {Stefan Fenz and Johannes Heurix and Thomas Neubauer and {A Min} Tjoa and Gerald Quirchmayr and Alexander Schatten and E. Neuhold and J. Goellner and C. Meurers and W. Hitz},
      title = {Cloud-Sicherheit. Leitfaden für Behörden und Klein- und Mittelbetriebe},
      booktitle = {Schriftenreihe der Landesverteidigungsakademie, Landesverteidigungsakademie},
      year = {2014},
      month = {0},
      pdf = {http://www.bundesheer.at/pdf_pool/publikationen/08_cs.pdf},
      }
  • Anne Baumgrass and Mark Strembeck, "Bridging the Gap between Role Mining and Role Engineering via Migration Guides." , 2013. BibTeX
    @INBOOK{Baumgrass_Bridging_the_Gap_between_Role__2013,
      Author = {Anne Baumgrass and Mark Strembeck},
      title = {Bridging the Gap between Role Mining and Role Engineering via Migration Guides},
      booktitle = {Information Security Technical Report (ISTR)},
      year = {2013},
      month = {5},
      }
  • Heidelinde Hobel and Sebastian Schrittwieser and Peter Kieseberg and Edgar R. Weippl, "Privacy, Anonymity, Pseudonymity and Data Disclosure in Data-Driven Science." , 2013. BibTeX
    @INBOOK{_Privacy_Anonymity_Pseudonymity_2013,
      Author = {Heidelinde Hobel and Sebastian Schrittwieser and Peter Kieseberg and {Edgar R.} Weippl},
      title = {Privacy, Anonymity, Pseudonymity and Data Disclosure in Data-Driven Science},
      booktitle = {Encyclopedia of Business Analytics and Optimization},
      year = {2013},
      month = {0},
      }
  • Shareeful Islam and Haralambos Mouratidis and Edgar R. Weippl, "Security Engineering for Cloud Computing: Approaches and Tools." Information Science Reference, 2013, pp. 98-123. BibTeX
    @INBOOK{_Security_Engineering_for_Cloud_2013,
      Author = {Shareeful Islam and Haralambos Mouratidis and {Edgar R.} Weippl},
      title = {Security Engineering for Cloud Computing: Approaches and Tools},
      year = {2013},
      month = {8},
      chapter = {A Goal-Driven Risk Management Approach to Support Security and Privacy Analysis of Cloud- Based System},
      pages = {98--123},
      publisher = {Information Science Reference},
      }
  • Christian Krieg and Edgar R. Weippl, "Malware in Hardware Infrastructure Components." Fraunhofer AISEC, 2013. BibTeX | PDF
    @INBOOK{_Malware_in_Hardware_Infrastruc_2013,
      Author = {Christian Krieg and {Edgar R.} Weippl},
      title = {Malware in Hardware Infrastructure Components},
      booktitle = {Advances in IT Early Warning},
      year = {2013},
      month = {2},
      pdf = {weippl_chapter.pdf},
      chapter = {Malware in Hardware Infrastructure Components},
      publisher = {Fraunhofer AISEC},
      note = {ISBN 978-3-8396-0474-8},
      }
  • Tobias Hildebrandt and Simone Kriglstein and Stefanie Rinderle-Ma, "Beyond Visualization: On Using Sonification Methods to Make Business Processes More Accessible to Users." Georgia Institute of Technology, 2012, pp. 248-249. BibTeX
    @INBOOK{hildebrandt_soni,
      Author = {Tobias Hildebrandt and Simone Kriglstein and Stefanie Rinderle-Ma},
      title = {Beyond Visualization: On Using Sonification Methods to Make Business Processes More Accessible to Users},
      booktitle = {18th International Conference on Auditory Display (ICAD 2012)},
      year = {2012},
      month = {0},
      pages = {248--249},
      publisher = {Georgia Institute of Technology},
      }
  • Stefan Proell and Eva Zangerle and Wolfgang Gassler, "MySQL: Das Handbuch fuer Administratoren." Galileo Press, 2011. BibTeX
    @INBOOK{_MySQL_Das_Handbuch_fuer_Admini_2011,
      Author = {Stefan Proell and Eva Zangerle and Wolfgang Gassler},
      title = {MySQL: Das Handbuch fuer Administratoren},
      booktitle = {Galileo Computing},
      year = {2011},
      month = {8},
      publisher = {Galileo Press},
      }
  • Stefan Fenz, "Electronic Business Interoperability: Concepts." IGI Global, 2011, pp. 596-614. BibTeX | PDF
    @INBOOK{Fenz2011c,
      Author = {Stefan Fenz},
      title = {Electronic Business Interoperability: Concepts},
      booktitle = {Electronic Business Interoperability: Concepts, Opportunities and Challenges },
      year = {2011},
      month = {3},
      abstract = {For almost all private individuals and especially organizations information technology (IT) including hardware},
      pdf = {2011 - Fenz - E-Business and Information Security Risk Management.pdf},
      chapter = {E-Business and Information Security Risk Management: Challenges and Potential Solutions},
      pages = {596-614},
      publisher = {IGI Global},
      note = {ISBN: 978-1-60960-485-1},
      }
  • Stefan Fenz, "E-Business and Information Security Risk Management: Challenges and Potential Solutions." IGI Global, 2011. BibTeX
    @INBOOK{Fenz_Electronic_Business_Interopera_2011,
      Author = {Stefan Fenz},
      title = {E-Business and Information Security Risk Management: Challenges and Potential Solutions},
      booktitle = {Electronic Business Interoperability: Concepts, Opportunities and Challenges},
      year = {2011},
      month = {1},
      chapter = {E-Business and Information Security Risk Management: Challenges and Potential Solutions},
      publisher = {IGI Global},
      }
  • Stefan Jakoubi and Simon Tjoa and Sigrun Goluch and Gerhard Kitzler, "Risk-Aware Business Process Management :Establishing the Link Between Business and Security." Springer New York, 2010, vol. 41, pp. 109-135. BibTeX
    @INBOOK{Jakoubi_Risk_Aware_Business_Process_Ma_2010,
      Author = {Stefan Jakoubi and Simon Tjoa and Sigrun Goluch and Gerhard Kitzler},
      title = {Risk-Aware Business Process Management :Establishing the Link Between Business and Security},
      booktitle = {Complex Intelligent Systems and Their Applications},
      year = {2010},
      month = {8},
      volume = {41},
      pages = {109-135},
      publisher = {Springer New York},
      note = {Book},
      }
  • Edgar R. Weippl, "Data Warehousing Design and Advanced Engineering Applications: Methods for Complex Construction." Information Science Reference, IGI Global, 2010, pp. 272-279. BibTeX | PDF
    @INBOOK{Weippl_SecurityinDataWarehouses_2010,
      Author = {{Edgar R.} Weippl},
      title = {Data Warehousing Design and Advanced Engineering Applications: Methods for Complex Construction},
      year = {2010},
      month = {1},
      pdf = {weippl_arh_securityDWH.pdf},
      chapter = {Security in Data Warehouses},
      pages = {272--279},
      publisher = {Information Science Reference, IGI Global},
      }
  • Edgar R. Weippl and Benjamin Böck, "The Handbook of Technology Management." Wiley and Sons, 2009. BibTeX
    @INBOOK{Bock_acceptedforpublicationSocialEngineering_2009,
      Author = {{Edgar R.} Weippl and Benjamin Böck},
      title = {The Handbook of Technology Management},
      year = {2009},
      month = {1},
      chapter = {accepted for publication: Social Engineering},
      publisher = {Wiley and Sons},
      }
  • Edgar R. Weippl, "Handbook of Research on Information Security and Assurance." Idea Group, 2008. BibTeX
    @INBOOK{Weippl_SecurityAwarenessVirtualEnvironmentsandELearning_2008,
      Author = {{Edgar R.} Weippl},
      title = {Handbook of Research on Information Security and Assurance},
      year = {2008},
      month = {1},
      chapter = {Security Awareness: Virtual Environments and E-Learning},
      publisher = {Idea Group},
      }
  • Edgar R. Weippl and Markus Klemen and Stefan Raffeiner, "The Semantic Web for Knowledge and Data Management: Technologies and Practices." Idea Group, 2008, pp. 38-48. BibTeX
    @INBOOK{Weippl_ImprovingStorageConceptsforSemanticModelsandOntologies_2008,
      Author = {{Edgar R.} Weippl and Markus Klemen and Stefan Raffeiner},
      title = {The Semantic Web for Knowledge and Data Management: Technologies and Practices},
      year = {2008},
      month = {1},
      chapter = {Improving Storage Concepts for Semantic Models and Ontologies},
      pages = {38--48},
      publisher = {Idea Group},
      }
  • Edgar R. Weippl, "Preface to Social Implications of Data Mining and Information Privacy: Interdisciplinary Frameworks and Solutions." IGI Global, 2008. BibTeX
    @INBOOK{Weippl__2008,
      Author = {{Edgar R.} Weippl},
      title = {Preface to Social Implications of Data Mining and Information Privacy: Interdisciplinary Frameworks and Solutions},
      year = {2008},
      month = {1},
      publisher = {IGI Global},
      }
  • Edgar R. Weippl and Bernhard Riedl, "Handbook of Research on Mobile Multimedia, Second Edition." Information Science Reference, 2008, p. IX. BibTeX
    @INBOOK{Weippl_SecurityTrustandPrivacyonMobileDevicesandMultimediaApplications_2008,
      Author = {{Edgar R.} Weippl and Bernhard Riedl},
      title = {Handbook of Research on Mobile Multimedia, Second Edition},
      year = {2008},
      month = {1},
      chapter = {Security, Trust and Privacy on Mobile Devices and Multimedia Applications},
      pages = {Chapter IX},
      publisher = {Information Science Reference},
      note = {ISBN: 978-1-60566-046-2},
      }
  • Edgar R. Weippl, "Encyclopedia of Data Warehousing and Mining." Idea Group, 2008. BibTeX
    @INBOOK{Weippl_DatabaseSecurityandStatisticalDatabaseSecurity_2008,
      Author = {{Edgar R.} Weippl},
      title = {Encyclopedia of Data Warehousing and Mining},
      year = {2008},
      month = {1},
      chapter = {Database Security and Statistical Database Security},
      publisher = {Idea Group},
      }
  • Edgar R. Weippl and Markus Klemen and Benjamin Böck, "The Handbook of Computer Networks." Wiley, 2007. BibTeX
    @INBOOK{Bock_SocialEngineering_2007,
      Author = {{Edgar R.} Weippl and Markus Klemen and Benjamin Böck},
      title = {The Handbook of Computer Networks},
      year = {2007},
      month = {1},
      chapter = {Social Engineering},
      publisher = {Wiley},
      }
  • Edgar R. Weippl and Bernhard Riedl and Veronika Grascher, "Wikis im Social Web." OCG Austrian Computer Society, 2007, pp. 190-198. BibTeX
    @INBOOK{Weippl_EinsatzvonAuditsinWikisanStellevonZugriffskontrollenalssozioorganisatorischeSicherheitsmassnahme_2007,
      Author = {{Edgar R.} Weippl and Bernhard Riedl and Veronika Grascher},
      title = {Wikis im {S}ocial {W}eb},
      year = {2007},
      month = {1},
      chapter = {Einsatz von Audits in Wikis an Stelle von Zugriffskontrollen als sozio-organisatorische Sicherheitsmassnahme},
      pages = {190--198},
      publisher = {OCG Austrian Computer Society},
      }
  • Edgar R. Weippl and Markus Klemen and Thomas Neubauer, "The Handbook of Computer Networks." Wiley, 2007. BibTeX
    @INBOOK{Klemen_BusinessRequirementsofBackupSystems_2007,
      Author = {{Edgar R.} Weippl and Markus Klemen and Thomas Neubauer},
      title = {The Handbook of Computer Networks},
      year = {2007},
      month = {1},
      chapter = {Business Requirements of Backup Systems},
      publisher = {Wiley},
      }
  • Edgar R. Weippl and Jamil Wahbeh, "Mobile Multimedia: Communication Engineering Perspective." Nova Science Publishers, 2006, pp. 101-116. BibTeX
    @INBOOK{Weippl_SecuringMobileCommunicationRADIUSinaWindowsEnvironment_2006,
      Author = {{Edgar R.} Weippl and Jamil Wahbeh},
      title = {Mobile Multimedia: Communication Engineering Perspective},
      year = {2006},
      month = {1},
      chapter = {Securing Mobile Communication: RADIUS in a Windows Environment},
      pages = {101--116},
      publisher = {Nova Science Publishers},
      }
  • Edgar R. Weippl, "Handbook of Research on Mobile Multimedia." Idea Group, 2006, pp. 22-37. BibTeX
    @INBOOK{Weippl_Chapter3SecurityandTrustinMobileMultimedia_2006,
      Author = {{Edgar R.} Weippl},
      title = {Handbook of Research on Mobile Multimedia},
      year = {2006},
      month = {1},
      chapter = {Chapter 3:Security and Trust in Mobile Multimedia},
      pages = {22--37},
      publisher = {Idea Group},
      }
  • Edgar R. Weippl and Markus Klemen, "Enterprise Information Systems Assurance and System Security: Managerial and Technical Issues." Idea Group, 2006. BibTeX
    @INBOOK{Weippl_ImplementingITSecurityforSmallandMediumSizedEnterprises_2006,
      Author = {{Edgar R.} Weippl and Markus Klemen},
      title = {Enterprise Information Systems Assurance and System Security: Managerial and Technical Issues},
      year = {2006},
      month = {1},
      chapter = {Implementing IT Security for Small and Medium-Sized Enterprises},
      publisher = {Idea Group},
      }
  • Edgar R. Weippl, "Encyclopedia of E-Commerce, E-Government and Mobile Commerce." Idea Group, Publish, 2005, pp. 135-140. BibTeX
    @INBOOK{Weippl_ComputerSecurityintheContextofELearning_2005,
      Author = {{Edgar R.} Weippl},
      title = {Encyclopedia of E-Commerce, E-Government and Mobile Commerce},
      year = {2005},
      month = {1},
      chapter = {Computer Security in the Context of E-Learning},
      pages = {135--140},
      publisher = {Idea Group, Publish},
      }
  • Edgar R. Weippl, "The Handbook of Information Security." John Wiley \& Sons, 2005. BibTeX
    @INBOOK{Weippl_SecurityinELearning_2005a,
      Author = {{Edgar R.} Weippl},
      title = {The Handbook of Information Security},
      year = {2005},
      month = {1},
      chapter = {Security in E-Learning},
      publisher = {John Wiley \& Sons},
      note = {ISBN 0-471-64833-7},
      }

inproceedings

  • Katharina Krombholz and Wilfried Mayer and Martin Schmiedecker and Edgar R. Weippl, ""I Have No Idea What I’m Doing" – On the Usability of Deploying HTTPS," in 26th USENIX Security Symposium (USENIX Security 2017), 2017. BibTeX | PDF
    @INPROCEEDINGS{Krombholz2017Have,
      Author = {Katharina Krombholz and Wilfried Mayer and Martin Schmiedecker and {Edgar R.} Weippl},
      sbahotlist = {true},
      title = {"I Have No Idea What I'm Doing" - On the Usability of Deploying HTTPS},
      booktitle = {26th USENIX Security Symposium (USENIX Security 2017)},
      year = {2017},
      month = {8},
      pdf = {https://www.sba-research.org/wp-content/uploads/publications/usenixTLSpreprint.pdf},
      }
  • Georg Merzdovnik and Markus Huber and Damjan Buhov and Nick Nikiforakis and Sebastian Neuner and Martin Schmiedecker and Edgar R. Weippl, "Block Me If You Can: A Large-Scale Study of Tracker-Blocking Tools," in 2nd IEEE European Symposium on Security and Privacy (Euro S&P), 2017. BibTeX | PDF
    @INPROCEEDINGS{Merzdovnik2017,
      Author = {Georg Merzdovnik and Markus Huber and Damjan Buhov and Nick Nikiforakis and Sebastian Neuner and Martin Schmiedecker and {Edgar R.} Weippl},
      sbahotlist = {true},
      title = {Block Me If You Can: A Large-Scale Study of Tracker-Blocking Tools},
      booktitle = {2nd IEEE European Symposium on Security and Privacy (Euro S&P)},
      year = {2017},
      month = {0},
      pdf = {https://www.sba-research.org/wp-content/uploads/publications/block_me_if_you_can.pdf},
      }
  • Katharina Krombholz and Adrian Dabrowski and Matthew Smith and Edgar R. Weippl, "Exploring Design Directions for Wearable Privacy," in Usable Security, 2017. BibTeX | PDF
    @INPROCEEDINGS{Krombholz2017Exploring,
      Author = {Katharina Krombholz and Adrian Dabrowski and Matthew Smith and {Edgar R.} Weippl},
      title = {Exploring Design Directions for Wearable Privacy},
      booktitle = {Usable Security},
      year = {2017},
      month = {0},
      pdf = {https://www.internetsociety.org/sites/default/files/usec2017_03_2_Krombholz_paper.pdf},
      }
  • Wilfried Mayer and Martin Schmiedecker, "Turning Active TLS Scanning to Eleven," in IFIP International Information Security and Privacy Conference (IFIP Sec), 2017. BibTeX | PDF | Slides | Src
    @INPROCEEDINGS{Mayer2017Turning,
      Author = {Wilfried Mayer and Martin Schmiedecker},
      title = {Turning Active TLS Scanning to Eleven},
      booktitle = {IFIP International Information Security and Privacy Conference (IFIP Sec)},
      year = {2017},
      month = {0},
      pdf = {https://www.sba-research.org/wp-content/uploads/publications/ifipSec2017_preprint.pdf},
      link_source = {https://github.com/WilfriedMayer/turning-active-tls-scanning-to-eleven},
      link_slides = {https://www.slideshare.net/SBAResearch/turning-active-tls-scanning-to-eleven},
      }
  • Georg Merzdovnik and Aljosha Judmayer and Artemios G. Voyiatzis and Edgar R. Weippl, "A performance assessment of network address shuffling in IoT systems," in 16th International Conference on Computer Aided Systems Theory (EUROCAST 2017), 2017. BibTeX | PDF
    @INPROCEEDINGS{Merzdovnik2017performance,
      Author = {Georg Merzdovnik and Aljosha Judmayer and {Artemios G.} Voyiatzis and {Edgar R.} Weippl},
      title = {A performance assessment of network address shuffling in IoT systems},
      booktitle = {16th International Conference on Computer Aided Systems Theory (EUROCAST 2017)},
      year = {2017},
      month = {2},
      pdf = {http://eurocast2017.fulp.ulpgc.es/sites/default/files/Eurocast_2017_Extended_Abstract_Book.pdf},
      }
  • Ludwig Kampel and Bernhard Garn and Dimitris Simos, "Combinatorial Methods for Modelling Composed Software Systems," in 6th International Workshop on Combinatorial Testing (IWCT 2017), 2017. BibTeX | Slides
    @INPROCEEDINGS{Kampel2017Combinatorial,
      Author = {Ludwig Kampel and Bernhard Garn and Dimitris Simos},
      title = {Combinatorial Methods for Modelling Composed Software Systems},
      booktitle = {6th International Workshop on Combinatorial Testing (IWCT 2017)},
      year = {2017},
      month = {3},
      link_slides = {http://iwct2017.sba-research.org/slides/session4-talk2-simos.pdf},
      }
  • Peter Kieseberg and Sebastian Neuner and Sebastian Schrittwieser and Martin Schmiedecker and Edgar R. Weippl, "Real-time Forensics through Endpoint Visibility," in International Conference on Digital Forensics & Cyber Crime, 2017. BibTeX
    @INPROCEEDINGS{Kieseberg2017Realtime,
      Author = {Peter Kieseberg and Sebastian Neuner and Sebastian Schrittwieser and Martin Schmiedecker and {Edgar R.} Weippl},
      title = {Real-time Forensics through Endpoint Visibility},
      booktitle = {International Conference on Digital Forensics & Cyber Crime},
      year = {2017},
      month = {0},
      }
  • K. Kleine and Dimitris Simos, "Coveringcerts: Combinatorial Methods for X.509 Certificate Testing," in International Conference on Software Testing, Verification and Validation (ICST), 2017. BibTeX
    @INPROCEEDINGS{Kleine2017Coveringcerts,
      Author = {K. Kleine and Dimitris Simos},
      title = {Coveringcerts: Combinatorial Methods for X.509 Certificate Testing},
      booktitle = {International Conference on Software Testing, Verification and Validation (ICST)},
      year = {2017},
      month = {3},
      }
  • Aljosha Judmayer and Johanna Ullrich and Georg Merzdovnik and Artemios G. Voyiatzis and Edgar R. Weippl, "Lightweight Address Hopping for Defending the IPv6 IoT," in 12th International Conference on Availability, Reliability and Security (ARES 2017), 2017. BibTeX | PDF
    @INPROCEEDINGS{Judmayer2017Lightweight,
      Author = {Aljosha Judmayer and Johanna Ullrich and Georg Merzdovnik and {Artemios G.} Voyiatzis and {Edgar R.} Weippl},
      title = {Lightweight Address Hopping for Defending the IPv6 IoT},
      booktitle = {12th International Conference on Availability, Reliability and Security (ARES 2017)},
      year = {2017},
      month = {9},
      pdf = {20170701JudmayerLightweightAddressHopping.pdf},
      }
  • Christof Tschohl and Walter Hötzendorfer and Gerald Quirchmayr and Edith Huber and Otto Hellwig, "Die NIS-Richtlinie und der rechtliche Rahmen von CERTS," in IRIS 2017, 2017. BibTeX | PDF
    @INPROCEEDINGS{Tschohl2017NISRichtlinie,
      Author = {Christof Tschohl and Walter Hötzendorfer and Gerald Quirchmayr and Edith Huber and Otto Hellwig},
      title = {Die NIS-Richtlinie und der rechtliche Rahmen von CERTS},
      booktitle = {IRIS 2017},
      year = {2017},
      month = {2},
      pdf = {https://www.researchgate.net/publication/314984411_DIE_NIS-RICHTLINIE_UND_DER_RECHTLICHE_RAHMEN_VON_CERTS},
      }
  • Alexei Zamyatin and K. Wolter and S. Werner and C.E.A. Mulligan and P.G. Harrison and W.J. Knottenbelt, "Swimming with Fishes and Sharks: Beneath the Surface of Queue-based Ethereum Mining Pools," in 25th IEEE International Symposium on the Modeling, Analysis, and Simulation of Computer and Telecommunication Systems (MASCOTS 2017), 2017. BibTeX
    @INPROCEEDINGS{Zamyatin2017Swimming,
      Author = {Alexei Zamyatin and K. Wolter and S. Werner and {C.E.A.} Mulligan and {P.G.} Harrison and {W.J.} Knottenbelt},
      sbahotlist = {true},
      title = {Swimming with Fishes and Sharks: Beneath the Surface of Queue-based Ethereum Mining Pools},
      booktitle = {25th IEEE International Symposium on the Modeling, Analysis, and Simulation of Computer and Telecommunication Systems (MASCOTS 2017)},
      year = {2017},
      month = {9},
      }
  • Josip Bozic and K. Kleine and Dimitris Simos and Franz Wotawa, "Planning-based Security Testing of the SSL/TLS Protocol," in Workshop on Advances in Model Based Testing (A-MOST), 2017. BibTeX
    @INPROCEEDINGS{Bozic2017Planningbased,
      Author = {Josip Bozic and K. Kleine and Dimitris Simos and Franz Wotawa},
      title = {Planning-based Security Testing of the SSL/TLS Protocol},
      booktitle = {Workshop on Advances in Model Based Testing (A-MOST)},
      year = {2017},
      month = {3},
      }
  • Paris Kitsos and Dimitris Simos and Kyriakos G. Stefanidis and Artemios G. Voyiatzis, "Malicious hardware logic detection based on combinatorial testing," in DATE 2016 TRUDEVICE Workshop, 2016. BibTeX | Slides
    @INPROCEEDINGS{Kitsos2016Malicious,
      Author = {Paris Kitsos and Dimitris Simos and {Kyriakos G.} Stefanidis and {Artemios G.} Voyiatzis},
      sbahotlist = {true},
      title = {Malicious hardware logic detection based on combinatorial testing},
      booktitle = {DATE 2016 TRUDEVICE Workshop},
      year = {2016},
      month = {3},
      link_slides = {http://www.artemiosv.info/hosted/TRUDEVICE2016.pdf},
      }
  • Christoph Pacher and Philipp Grabenweger and Dimitris Simos, "Weight Distribution of the Syndrome of Linear Codes and Connections to Combinatorial Designs," in 2016 IEEE International Symposium on Information Theory, 2016. BibTeX | PDF
    @INPROCEEDINGS{Pacher2016Weight,
      Author = {Christoph Pacher and Philipp Grabenweger and Dimitris Simos},
      title = {Weight Distribution of the Syndrome of Linear Codes and Connections to Combinatorial Designs},
      booktitle = {2016 IEEE International Symposium on Information Theory},
      year = {2016},
      month = {0},
      pdf = {ExactVariance.pdf},
      }
  • Sebastian Neuner and Artemios G. Voyiatzis and Martin Schmiedecker and Stefan Brunthaler and Stefan Katzenbeisser and Edgar R. Weippl, "Time is on my side: Steganography in filesystem metadata," in 16th Annual DFRWS Conference, 2016. BibTeX | PDF | Slides | Data
    @INPROCEEDINGS{Neuner2016Time,
      Author = {Sebastian Neuner and {Artemios G.} Voyiatzis and Martin Schmiedecker and Stefan Brunthaler and Stefan Katzenbeisser and {Edgar R.} Weippl},
      title = {Time is on my side: Steganography in filesystem metadata},
      booktitle = {16th Annual DFRWS Conference},
      year = {2016},
      month = {0},
      pdf = {https://www.sba-research.org/wp-content/uploads/publications/timestampStego_preprint.pdf},
      link_data = {https://www.sba-research.org/dfrws2016/},
      link_slides = {http://www.slideshare.net/SBAResearch/time-is-on-my-side-steganography-in-filesystem-metadata},
      }
  • Fuensanta Torres Garcia and Katharina Krombholz and Rudolf Mayer and Edgar R. Weippl, "Hand Dynamics for Behavioral User Authentication," in 5th International Workshop on Security of Mobile Applications (IWSMA 2016), 2016. BibTeX | PDF
    @INPROCEEDINGS{TorresGarcia2016Hand,
      Author = {Fuensanta {Torres Garcia} and Katharina Krombholz and Rudolf Mayer and {Edgar R.} Weippl},
      title = {Hand Dynamics for Behavioral User Authentication},
      booktitle = {5th International Workshop on Security of Mobile Applications (IWSMA 2016)},
      year = {2016},
      month = {9},
      pdf = {ARES_2016_paper_19 (2).pdf},
      }
  • Ludwig Kampel and Dimitris Simos, "Set-based algorithms for combinatorial test set generation," in International Conference on Testing Software and Systems (ICTSS), 2016. BibTeX | PDF
    @INPROCEEDINGS{Kampel2016Setbased,
      Author = {Ludwig Kampel and Dimitris Simos},
      title = {Set-based algorithms for combinatorial test set generation},
      booktitle = {International Conference on Testing Software and Systems (ICTSS)},
      year = {2016},
      month = {10},
      pdf = {http://link.springer.com/chapter/10.1007/978-3-319-47443-4_16},
      }
  • Johanna Ullrich and Edgar R. Weippl, "The Beauty or The Beast? Attacking Rate Limits of the Xen Hypervisor," in European Symposium on Research in Computer Security (ESORICS), 2016. BibTeX | PDF
    @INPROCEEDINGS{Ullrich2016Beauty,
      Author = {Johanna Ullrich and {Edgar R.} Weippl},
      sbahotlist = {true},
      title = {The Beauty or The Beast? Attacking Rate Limits of the Xen Hypervisor},
      booktitle = {European Symposium on Research in Computer Security (ESORICS)},
      year = {2016},
      month = {0},
      pdf = {botb paper.pdf},
      }
  • Katharina Krombholz and Thomas Hupperich and Thorsten Holz, "Use the Force: Evaluating Force-Sensitive Authentication for Mobile Devices," in Twelfth Symposium on Usable Privacy and Security (SOUPS 2016), 2016. BibTeX | PDF | Slides
    @INPROCEEDINGS{Krombholz2016Force,
      Author = {Katharina Krombholz and Thomas Hupperich and Thorsten Holz},
      sbahotlist = {true},
      title = {Use the Force: Evaluating Force-Sensitive Authentication for Mobile Devices},
      booktitle = {Twelfth Symposium on Usable Privacy and Security (SOUPS 2016)},
      year = {2016},
      month = {0},
      pdf = {https://www.sba-research.org/wp-content/uploads/publications/Krombholz2016Force.pdf},
      link_slides = {http://www.slideshare.net/SBAResearch/use-the-force-evaluating-forcesensitive-authentication-for-mobile-devices},
      }
  • Katharina Krombholz and Aljosha Judmayer and Matthias Gusenbauer and Edgar R. Weippl, "The Other Side of the Coin: User Experiences with Bitcoin Security and Privacy," in International Conference on Financial Cryptography and Data Security (FC), 2016. BibTeX | PDF
    @INPROCEEDINGS{Krombholz2016Other,
      Author = {Katharina Krombholz and Aljosha Judmayer and Matthias Gusenbauer and {Edgar R.} Weippl},
      sbahotlist = {true},
      title = {The Other Side of the Coin: User Experiences with Bitcoin Security and Privacy},
      booktitle = {International Conference on Financial Cryptography and Data Security (FC)},
      year = {2016},
      month = {2},
      pdf = {TheOtherSideOfTheCoin_FC16preConf.pdf},
      }
  • Robert Annessi and Martin Schmiedecker, "NavigaTor: Finding Faster Paths to Anonymity," in IEEE European Symposium on Security and Privacy (Euro S&P), 2016. BibTeX | PDF | Src | Data
    @INPROCEEDINGS{Annessi2016NavigaTor,
      Author = {Robert Annessi and Martin Schmiedecker},
      sbahotlist = {true},
      title = {NavigaTor: Finding Faster Paths to Anonymity},
      booktitle = {IEEE European Symposium on Security and Privacy (Euro S&P)},
      year = {2016},
      month = {3},
      pdf = {https://www.sba-research.org/wp-content/uploads/publications/NavigaTor_preprint.pdf},
      publisher = {IEEE},
      link_source = {https://naviga-tor.github.io/#source},
      link_data = {https://naviga-tor.github.io/#data},
      }
  • Dimitris Simos and K. Kleine and Laleh Shikh Gholamhossein Ghandehari and Bernhard Garn and Yu Lei, "A Combinatorial Approach to Analyzing Cross-Site Scripting (XSS) Vulnerabilities in Web Application Security Testing," in International Conference on Testing Software and Systems (ICTSS), 2016. BibTeX | PDF
    @INPROCEEDINGS{Simos2016Combinatorial,
      Author = {Dimitris Simos and K. Kleine and {Laleh Shikh Gholamhossein} Ghandehari and Bernhard Garn and Yu Lei},
      title = {A Combinatorial Approach to Analyzing Cross-Site Scripting (XSS) Vulnerabilities in Web Application Security Testing},
      booktitle = {International Conference on Testing Software and Systems (ICTSS)},
      year = {2016},
      month = {10},
      pdf = {http://link.springer.com/chapter/10.1007/978-3-319-47443-4_5},
      }
  • Adrian Dabrowski and Georg Petzl and Edgar R. Weippl, "The Messenger Shoots Back: Network Operator Based IMSI Catcher Detection," in 19th International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2016), 2016. BibTeX | PDF
    @INPROCEEDINGS{Dabrowski2016Messenger,
      Author = {Adrian Dabrowski and Georg Petzl and {Edgar R.} Weippl},
      sbahotlist = {true},
      title = {The Messenger Shoots Back: Network Operator Based IMSI Catcher Detection},
      booktitle = {19th International Symposium on Research in Attacks, Intrusions and Defenses (RAID 2016)},
      year = {2016},
      month = {9},
      pdf = {providerICdetection.pdf},
      }
  • Sebastian Neuner and Martin Schmiedecker and Edgar R. Weippl, "PeekaTorrent: Leveraging P2P Hash Values for Digital Forensics," in 16th Annual DFRWS Conference, 2016. BibTeX | PDF | Slides | Src | Data
    @INPROCEEDINGS{Neuner2016PeekaTorrent,
      Author = {Sebastian Neuner and Martin Schmiedecker and {Edgar R.} Weippl},
      sbahotlist = {true},
      title = {PeekaTorrent: Leveraging P2P Hash Values for Digital Forensics},
      booktitle = {16th Annual DFRWS Conference},
      year = {2016},
      month = {0},
      pdf = {https://www.sba-research.org/wp-content/uploads/publications/peekatorrent_preprint.pdf},
      link_source = {https://github.com/schmiedecker/peekatorrent},
      link_data = {https://www.peekatorrent.org},
      link_slides = {http://www.slideshare.net/SBAResearch/peekatorrent-leveraging-p2p-hash-values-for-digital-forensics},
      }
  • Georg Merzdovnik and Damjan Buhov and Artemios G. Voyiatzis and Edgar R. Weippl, "Notary-assisted Certificate Pinning for Improved Security of (Android) Apps," in 11th International Conference on Availability, Reliability and Security (ARES 2016), 2016. BibTeX | PDF
    @INPROCEEDINGS{Merzdovnik2016Notaryassisted,
      Author = {Georg Merzdovnik and Damjan Buhov and {Artemios G.} Voyiatzis and {Edgar R.} Weippl},
      title = {Notary-assisted Certificate Pinning for Improved Security of (Android) Apps},
      booktitle = {11th International Conference on Availability, Reliability and Security (ARES 2016)},
      year = {2016},
      month = {9},
      pdf = {notarypin.pdf},
      }
  • Christoph Kerschbaumer and Sid Stamm and Stefan Brunthaler, "Injecting CSP for Fun and Security," in 2nd International Conference on Information Systems Security and Privacy, 2016. BibTeX
    @INPROCEEDINGS{Kerschbaumer2016Injecting,
      Author = {Christoph Kerschbaumer and Sid Stamm and Stefan Brunthaler},
      title = {Injecting CSP for Fun and Security},
      booktitle = {2nd International Conference on Information Systems Security and Privacy},
      year = {2016},
      month = {2},
      }
  • Aljosha Judmayer and Edgar R. Weippl, "Condensed Cryptographic Currencies Crash Course (C5)," in 2016 ACM SIGSAC Conference on Computer and Communications Security, 2016. BibTeX | PDF
    @INPROCEEDINGS{Judmayer2016Condensed,
      Author = {Aljosha Judmayer and {Edgar R.} Weippl},
      title = {Condensed Cryptographic Currencies Crash Course (C5)},
      booktitle = {2016 {ACM} {SIGSAC} Conference on Computer and Communications Security},
      year = {2016},
      month = {10},
      pdf = {http://dl.acm.org/citation.cfm?id=2976754},
      }
  • Stefan Proell and Kristof Meixner and Andreas Rauber, "Precise Data Identification Services for Long Tail Research Data," in 13th International Conference on Digital Preservation (iPRES 2016), 2016. BibTeX | PDF
    @INPROCEEDINGS{Proell2016Precise,
      Author = {Stefan Proell and Kristof Meixner and Andreas Rauber},
      title = {Precise Data Identification Services for Long Tail Research Data},
      booktitle = {13th International Conference on Digital Preservation (iPRES 2016)},
      year = {2016},
      month = {10},
      pdf = {iPRES2016-Proell.pdf},
      }
  • Filippos Pirpilidis and Artemios G. Voyiatzis and Lambros Pyrgas and Paris Kitsos, "An Efficient Reconfigurable Ring Oscillator for Hardware Trojan Detection," in 20th Panhellenic Conference on Informatics (PCI 2016), 2016. BibTeX | PDF
    @INPROCEEDINGS{Pirpilidis2016Efficient,
      Author = {Filippos Pirpilidis and {Artemios G.} Voyiatzis and Lambros Pyrgas and Paris Kitsos},
      title = {An Efficient Reconfigurable Ring Oscillator for Hardware Trojan Detection},
      booktitle = {20th Panhellenic Conference on Informatics (PCI 2016)},
      year = {2016},
      month = {11},
      pdf = {pci2016-115.pdf},
      }
  • Adrian Dabrowski and Edgar R. Weippl, "Mobile Phone’s Wi-Fi Presence for Continuous Implicit Secondary Deauthentication," in 11th International Conference on Passwords, 2016. BibTeX | PDF | Video
    @INPROCEEDINGS{Dabrowski2016Mobile,
      Author = {Adrian Dabrowski and {Edgar R.} Weippl},
      title = {Mobile Phone's Wi-Fi Presence for Continuous Implicit Secondary Deauthentication},
      booktitle = {11th International Conference on Passwords},
      year = {2016},
      month = {12},
      pdf = {https://www.sba-research.org/wp-content/uploads/publications/wifipresence.pdf},
      link_video = {https://www.youtube.com/watch?v=6fC58E1XAAw&list=PLdIqs92nsIzT2ao_wAJ2GCRKl_3zaebgb&index=2},
      }
  • Damjan Buhov and Markus Huber and Georg Merzdovnik and Edgar R. Weippl, "Pin It! Improving Android Network Security At Runtime," in IFIP Networking 2016, 2016. BibTeX | PDF
    @INPROCEEDINGS{Buhov2016Improving,
      Author = {Damjan Buhov and Markus Huber and Georg Merzdovnik and {Edgar R.} Weippl},
      sbahotlist = {true},
      title = {Pin It! Improving Android Network Security At Runtime},
      booktitle = {IFIP Networking 2016},
      year = {2016},
      month = {5},
      pdf = {Pin It! Improving Android Network Security at Runtime.pdf},
      }
  • Patrick Carter and Collin Mulliner and Martina Lindorfer and William Robertson and Engin Kirda, "CuriousDroid: Automated User Interface Interaction for Android Application Analysis Sandboxes," in 20th International Conference on Financial Cryptography and Data Security (FC), 2016. BibTeX | PDF
    @INPROCEEDINGS{Carter2016CuriousDroid,
      Author = {Patrick Carter and Collin Mulliner and Martina Lindorfer and William Robertson and Engin Kirda},
      title = {CuriousDroid: Automated User Interface Interaction for Android Application Analysis Sandboxes},
      booktitle = {20th International Conference on Financial Cryptography and Data Security (FC)},
      year = {2016},
      month = {2},
      pdf = {curiousdroid_fc16.pdf},
      }
  • Wilfried Mayer and Aaron Zauner and Martin Schmiedecker and Markus Huber, "No Need for Black Chambers: Testing TLS in the E-mail Ecosystem at Large," in International Conference on Availability, Reliability and Security (ARES), 2016. BibTeX | PDF | Slides | Data
    @INPROCEEDINGS{Mayer2016Need,
      Author = {Wilfried Mayer and Aaron Zauner and Martin Schmiedecker and Markus Huber},
      title = {No Need for Black Chambers: Testing TLS in the E-mail Ecosystem at Large},
      booktitle = {International Conference on Availability, Reliability and Security (ARES)},
      year = {2016},
      month = {0},
      pdf = {https://www.sba-research.org/wp-content/uploads/publications/scanTLS.pdf},
      link_data = {https://scans.io/study/sba-email},
      link_slides = {http://www.slideshare.net/SBAResearch/no-need-for-black-chambers},
      }
  • Dietmar Winkler and F.J. Ekaputra and Stefan Biffl, "AutomationML Review Support in Multi-Disciplinary Engineering Environments," in 21st IEEE International Conference on Emerging Technologies and Factory Automation (ETFA), 2016. BibTeX | PDF
    @INPROCEEDINGS{Winkler2016AutomationML,
      Author = {Dietmar Winkler and F.J. Ekaputra and Stefan Biffl},
      title = {AutomationML Review Support in Multi-Disciplinary Engineering Environments},
      booktitle = {21st IEEE International Conference on Emerging Technologies and Factory Automation (ETFA)},
      year = {2016},
      month = {9},
      pdf = {http://ieeexplore.ieee.org/document/7733555/},
      }
  • Georg Merzdovnik and Klaus Falb and Martin Schmiedecker and Artemios G. Voyiatzis and Edgar R. Weippl, "Whom You Gonna Trust? A Longitudinal Study on TLS Notary Services," in 30th Annual IFIP WG 11.3 Working Conference on Data and Applications Security and Privacy (DBSec 2016), 2016. BibTeX | PDF
    @INPROCEEDINGS{Merzdovnik2016Whom,
      Author = {Georg Merzdovnik and Klaus Falb and Martin Schmiedecker and {Artemios G.} Voyiatzis and {Edgar R.} Weippl},
      title = {Whom You Gonna Trust? A Longitudinal Study on TLS Notary Services},
      booktitle = {30th Annual IFIP WG 11.3 Working Conference on Data and Applications Security and Privacy (DBSec 2016)},
      year = {2016},
      month = {0},
      pdf = {TLSnotaries_preprint.pdf},
      }
  • Sven Dietrich and Michael Brenner and Katharina Krombholz, "Who are you now? Fading to multiple personas," in Who are you?! Adventures in Authentication (SOUPS Workshop), 2016. BibTeX | PDF
    @INPROCEEDINGS{Dietrich2016now,
      Author = {Sven Dietrich and Michael Brenner and Katharina Krombholz},
      title = {Who are you now? Fading to multiple personas},
      booktitle = {Who are you?! Adventures in Authentication (SOUPS Workshop)},
      year = {2016},
      month = {0},
      pdf = {https://www.sba-research.org/wp-content/uploads/publications/Dietrich2016now.pdf},
      }
  • M. Tornatore and J. André and Peter Babarczi and T. Braun and E. Forstad and P. Heegaard and A. Hmaity and M. Furdek and L. Jorge and W. Kmiecik and C. Mas Machuca and L. Martins and C. Medeiros and F. Musumeci and A. Pasic and J. Rak and S. Simpson and R. Travanca and Artemios G. Voyiatzis, "A Survey on Network Resiliency Methodologies against Weather-based Disruptions," in 8th International Workshop on Resilient Networks Design and Modeling (RNDM 2016), 2016. BibTeX | PDF
    @INPROCEEDINGS{Tornatore2016Survey,
      Author = {M. Tornatore and J. André and Peter Babarczi and T. Braun and E. Forstad and P. Heegaard and A. Hmaity and M. Furdek and L. Jorge and W. Kmiecik and C. {Mas Machuca} and L. Martins and C. Medeiros and F. Musumeci and A. Pasic and J. Rak and S. Simpson and R. Travanca and {Artemios G.} Voyiatzis},
      title = {A Survey on Network Resiliency Methodologies against Weather-based Disruptions},
      booktitle = {8th International Workshop on Resilient Networks Design and Modeling (RNDM 2016)},
      year = {2016},
      month = {9},
      pdf = {RNDM2016.pdf},
      }
  • Adrian Dabrowski and Georg Merzdovnik and Nikolaus Kommenda and Edgar R. Weippl, "Browser History Stealing with Captive Wi-Fi Portals," in Proceedings of Workshops at IEEE Security & Privacy 2016, Mobile Security Technologies (MoST), 2016. BibTeX | PDF
    @INPROCEEDINGS{Dabrowski2016Browser,
      Author = {Adrian Dabrowski and Georg Merzdovnik and Nikolaus Kommenda and {Edgar R.} Weippl},
      title = {Browser History Stealing with Captive Wi-Fi Portals},
      booktitle = {Proceedings of Workshops at IEEE Security & Privacy 2016, Mobile Security Technologies (MoST)},
      year = {2016},
      month = {5},
      pdf = {https://www.sba-research.org/wp-content/uploads/publications/Dabrowski2016Browser.pdf},
      }
  • Kyriakos G. Stefanidis and Artemios G. Voyiatzis, "An HMM-based Anomaly Detection Approach for SCADA Systems," in the 10th WISTP International Conference on Information Security Theory and Practice (WISTP 2016), 2016. BibTeX | PDF
    @INPROCEEDINGS{Stefanidis2016HMMbased,
      Author = {{Kyriakos G.} Stefanidis and {Artemios G.} Voyiatzis},
      title = {An HMM-based Anomaly Detection Approach for SCADA Systems},
      booktitle = {the 10th WISTP International Conference on Information Security Theory and Practice (WISTP 2016)},
      year = {2016},
      month = {9},
      pdf = {http://link.springer.com/chapter/10.1007/978-3-319-45931-8_6},
      }
  • Katharina Krombholz and Aljosha Judmayer and Matthias Gusenbauer and Edgar R. Weippl, "Für bare Münze? NutzerInnenerfahrungen mit Sicherheit und Datenschutz bei Bitcoin," in Sicherheit 2016: Sicherheit, Schutz und Zuverlässigkeit, Beiträge der 8. Jahrestagung des Fachbereichs Sicherheit der Gesellschaft für Informatik e.V., 2016. BibTeX
    @INPROCEEDINGS{Krombholz2016bare,
      Author = {Katharina Krombholz and Aljosha Judmayer and Matthias Gusenbauer and {Edgar R.} Weippl},
      title = {Für bare Münze? NutzerInnenerfahrungen mit Sicherheit und Datenschutz bei Bitcoin},
      booktitle = {Sicherheit 2016: Sicherheit, Schutz und Zuverlässigkeit, Beiträge der 8. Jahrestagung des Fachbereichs Sicherheit der Gesellschaft für Informatik e.V.},
      year = {2016},
      month = {4},
      }
  • R. Mordinyi and Dietmar Winkler and F.J. Ekaputra and M. Wimmer and Stefan Biffl, "Investigating Model Slicing Capabilities on Integrated Plant Models with AutomationML," in 21st IEEE International Conference on Emerging Technologies and Factory Automation (ETFA), 2016. BibTeX | PDF
    @INPROCEEDINGS{Mordinyi2016Investigating,
      Author = {R. Mordinyi and Dietmar Winkler and F.J. Ekaputra and M. Wimmer and Stefan Biffl},
      title = {Investigating Model Slicing Capabilities on Integrated Plant Models with AutomationML},
      booktitle = {21st IEEE International Conference on Emerging Technologies and Factory Automation (ETFA)},
      year = {2016},
      month = {9},
      pdf = {http://ieeexplore.ieee.org/document/7733556/},
      }
  • Thomas Hupperich and Katharina Krombholz and Thorsten Holz, "Sensor Captchas: On the Usability of Instrumenting Hardware Sensors to Prove Liveliness," in 9th International Conference on Trust and Trustworthy Computing, 2016. BibTeX | PDF
    @INPROCEEDINGS{Hupperich2016Sensor,
      Author = {Thomas Hupperich and Katharina Krombholz and Thorsten Holz},
      title = {Sensor Captchas: On the Usability of Instrumenting Hardware Sensors to Prove Liveliness},
      booktitle = {9th International Conference on Trust and Trustworthy Computing},
      year = {2016},
      month = {8},
      pdf = {sensorcaptchas.pdf},
      }
  • Dimitris Simos and K. Kleine and Artemios G. Voyiatzis and R. Kuhn and R. Kacker, "TLS Cipher Suites Recommendations: A Combinatorial Coverage Measurement Approach," in 2016 IEEE International Conference on Software Quality, Reliability and Security (QRS 2016), 2016. BibTeX | PDF
    @INPROCEEDINGS{Simos2016Cipher,
      Author = {Dimitris Simos and K. Kleine and {Artemios G.} Voyiatzis and R. Kuhn and R. Kacker},
      title = {TLS Cipher Suites Recommendations: A Combinatorial Coverage Measurement Approach},
      booktitle = {2016 IEEE International Conference on Software Quality, Reliability and Security (QRS 2016)},
      year = {2016},
      month = {8},
      pdf = {TLS-CCM-QRS2016.pdf},
      }
  • Paris Kitsos and Kyriakos G. Stefanidis and Artemios G. Voyiatzis, "TERO-based Detection of Hardware Trojans on FPGA Implementation of the AES Algorithm," in 19th EUROMICRO Conference on Digital System Design (DSD 2016), 2016. BibTeX | PDF
    @INPROCEEDINGS{Kitsos2016TERObased,
      Author = {Paris Kitsos and {Kyriakos G.} Stefanidis and {Artemios G.} Voyiatzis},
      title = {TERO-based Detection of Hardware Trojans on FPGA Implementation of the AES Algorithm},
      booktitle = {19th EUROMICRO Conference on Digital System Design (DSD 2016)},
      year = {2016},
      month = {8},
      pdf = {Kitsos_C48.pdf},
      }
  • Bernd Malle and Peter Kieseberg and Edgar R. Weippl and Andreas Holzinger, "The Right to Be Forgotten: Towards Machine Learning on Perturbed Knowledge Bases," in International Conference on Availability, Reliability, and Security, 2016. BibTeX | PDF
    @INPROCEEDINGS{Malle2016Right,
      Author = {Bernd Malle and Peter Kieseberg and {Edgar R.} Weippl and Andreas Holzinger},
      title = {The Right to Be Forgotten: Towards Machine Learning on Perturbed Knowledge Bases},
      booktitle = {International Conference on Availability, Reliability, and Security},
      year = {2016},
      month = {8},
      pdf = {PAML.pdf},
      }
  • Marcos Kalinowski and Michael Felderer and Tayana Conte and Rodrigo Spínola and Rafael Prikladnicki and Dietmar Winkler and Daniel Méndez Fernández and Stefan Wagner, "Preventing Incomplete/Hidden Requirements: Reflections on Survey Data from Austria and Brasil," in 8th Software Quality Days (SWQD 2016), 2016. BibTeX
    @INPROCEEDINGS{Kalinowski2016Preventing,
      Author = {Marcos Kalinowski and Michael Felderer and Tayana Conte and Rodrigo Spínola and Rafael Prikladnicki and Dietmar Winkler and Daniel {Méndez Fernández} and Stefan Wagner},
      title = {Preventing Incomplete/Hidden Requirements: Reflections on Survey Data from Austria and Brasil},
      booktitle = {8th Software Quality Days (SWQD 2016)},
      year = {2016},
      month = {1},
      publisher = {Springer International Publishing},
      }
  • Wilfried Mayer and Martin Schmiedecker, "TLScompare: Crowdsourcing Rules for HTTPS Everywhere," in Workshop on Empirical Research Methods in Information Security (ERMIS), 2016. BibTeX | PDF | Slides
    @INPROCEEDINGS{Mayer2016TLScompare,
      Author = {Wilfried Mayer and Martin Schmiedecker},
      title = {TLScompare: Crowdsourcing Rules for HTTPS Everywhere},
      booktitle = {Workshop on Empirical Research Methods in Information Security (ERMIS)},
      year = {2016},
      month = {4},
      pdf = {https://www.sba-research.org/wp-content/uploads/publications/crowdsourcing_preprint.pdf},
      link_slides = {http://www.slideshare.net/SBAResearch/tlscompareorg-crowdsourcing-rules-for-https-everywhere},
      }
  • Andrei Bacs and Cristiano Giuffrida and Bernhard Grill and Herbert Bos, "Slick: An Intrusion Detection System for Virtualized Storage Devices," in 31st ACM Symposium on Applied Computing, 2016. BibTeX | PDF
    @INPROCEEDINGS{Bacs2016Slick,
      Author = {Andrei Bacs and Cristiano Giuffrida and Bernhard Grill and Herbert Bos},
      title = {Slick: An Intrusion Detection System for Virtualized Storage Devices},
      booktitle = {31st ACM Symposium on Applied Computing},
      year = {2016},
      month = {4},
      pdf = {slick.pdf},
      }
  • Hanno Böck and Aaron Zauner and Sean Devlin and Juraj Somorovsky and Philipp Jovanovic, "Nonce-Disrespecting Adversaries: Practical Forgery Attacks on GCM in TLS," in 10th USENIX Workshop on Offensive Technologies (WOOT ’16), 2016. BibTeX | PDF | Slides
    @INPROCEEDINGS{Bck2016NonceDisrespecting,
      Author = {Hanno Böck and Aaron Zauner and Sean Devlin and Juraj Somorovsky and Philipp Jovanovic},
      title = {Nonce-Disrespecting Adversaries: Practical Forgery Attacks on GCM in TLS},
      booktitle = {10th USENIX Workshop on Offensive Technologies (WOOT '16)},
      year = {2016},
      month = {0},
      pdf = {https://www.usenix.org/system/files/conference/woot16/woot16-paper-bock.pdf},
      link_slides = {https://www.usenix.org/sites/default/files/conference/protected-files/woot16_slides_bock.pdf},
      }
  • Johanna Ullrich and Artemios G. Voyiatzis and Edgar R. Weippl, "Secure Cyber-Physical Production Systems: Solid Steps towards Realization," in 1st International Workshop on Cyber-Physical Production Systems (CPPS 2016), 2016. BibTeX | PDF
    @INPROCEEDINGS{Ullrich2016Secure,
      Author = {Johanna Ullrich and {Artemios G.} Voyiatzis and {Edgar R.} Weippl},
      title = {Secure Cyber-Physical Production Systems: Solid Steps towards Realization},
      booktitle = {1st International Workshop on Cyber-Physical Production Systems (CPPS 2016)},
      year = {2016},
      month = {4},
      pdf = {cpps.pdf},
      }
  • Johanna Ullrich and Artemios G. Voyiatzis and Edgar R. Weippl, "The Quest for Privacy in Consumer IoT," in 1st International Workshop on Consumers and the Internet of Things (ConsIoT 2016), 2016. BibTeX | PDF
    @INPROCEEDINGS{Ullrich2016Quest,
      Author = {Johanna Ullrich and {Artemios G.} Voyiatzis and {Edgar R.} Weippl},
      title = {The Quest for Privacy in Consumer IoT},
      booktitle = {1st International Workshop on Consumers and the Internet of Things (ConsIoT 2016)},
      year = {2016},
      month = {4},
      pdf = {consiot.pdf},
      }
  • Artemios G. Voyiatzis and Kyriakos G. Stefanidis and Paris Kitsos, "Efficient Triggering of Trojan Hardware Logic," in 19th IEEE International Symposium on Design and Diagnostics of Electronic Circuits and Systems (DDECS 2016), 2016, pp. 200-205. BibTeX | PDF
    @INPROCEEDINGS{Voyiatzis2016Efficient,
      Author = {{Artemios G.} Voyiatzis and {Kyriakos G.} Stefanidis and Paris Kitsos},
      title = {Efficient Triggering of Trojan Hardware Logic},
      booktitle = {19th IEEE International Symposium on Design and Diagnostics of Electronic Circuits and Systems (DDECS 2016)},
      year = {2016},
      month = {4},
      pdf = {Kitsos_c47.pdf},
      pages = {200--205},
      publisher = {IEE},
      }
  • Aljosha Judmayer and Edgar R. Weippl, "Cryptographic Currencies Crash Course (C4): Tutorial," in 25th International Conference on World Wide Web (WWW 2016), 2016. BibTeX | PDF
    @INPROCEEDINGS{Judmayer2016Cryptographic,
      Author = {Aljosha Judmayer and {Edgar R.} Weippl},
      title = {Cryptographic Currencies Crash Course (C4): Tutorial},
      booktitle = {25th International Conference on World Wide Web (WWW 2016)},
      year = {2016},
      month = {4},
      pdf = {http://www2016.net/proceedings/companion/p1021.pdf},
      }
  • Stefanie Rinderle-Ma and Zhendong Ma and Bernhard Madlmayr, "Using Content Analysis for Privacy Requirement Extraction and Policy Formalization," in 6th International Workshop on Enterprise Modelling and Information Systems Architectures (EMISA), 2015. BibTeX | PDF
    @INPROCEEDINGS{RinderleMa2015Using,
      Author = {Stefanie Rinderle-Ma and Zhendong Ma and Bernhard Madlmayr},
      title = {Using Content Analysis for Privacy Requirement Extraction and Policy Formalization},
      booktitle = {6th International Workshop on Enterprise Modelling and Information Systems Architectures (EMISA)},
      year = {2015},
      month = {9},
      pdf = {http://eprints.cs.univie.ac.at/4429/1/EMISA_RMM15.pdf},
      }
  • Peter Kieseberg and Johannes Schantl and Peter Fruehwirt and Edgar R. Weippl and Andreas Holzinger, "Witnesses for the Doctor in the Loop," in 2015 International Conference on Brain Informatics & Health (BIH), 2015. BibTeX | PDF
    @INPROCEEDINGS{Kieseberg2015Witnesses,
      Author = {Peter Kieseberg and Johannes Schantl and Peter Fruehwirt and {Edgar R.} Weippl and Andreas Holzinger},
      title = {Witnesses for the Doctor in the Loop},
      booktitle = {2015 International Conference on Brain Informatics & Health (BIH)},
      year = {2015},
      month = {9},
      pdf = {https://online.tugraz.at/tug_online/voe_main2.getVollText?pDocumentNr=1151817&pCurrPk=85962},
      }
  • Andreas Rauber and Tomasz Miksa and Rudolf Mayer and Stefan Proell, "Repeatability and Re-Usability in Scientific Processes: Process Context, Data Identification and Verification.," in 17th International Conference on Data Analytics and Management in Data Intensive Domains (DAMDID 2015), 2015. BibTeX | PDF
    @INPROCEEDINGS{Rauber2015Repeatability,
      Author = {Andreas Rauber and Tomasz Miksa and Rudolf Mayer and Stefan Proell},
      title = {Repeatability and Re-Usability in Scientific Processes: Process Context, Data Identification and Verification.},
      booktitle = {17th International Conference on Data Analytics and Management in Data Intensive Domains (DAMDID 2015)},
      year = {2015},
      month = {10},
      pdf = {DAMDID_150623.pdf},
      }
  • Adrian Dabrowski and Markus Kammerstetter and Eduard Thamm and Edgar R. Weippl and Wolfgang Kastner, "Leveraging Competitive Gamification for Sustainable Fun and Profit in Security Education," in USENIX Summit on Gaming, Games and Gamification in Security Education (3GSE 2015) at USENIX Security Symposiom 2015, 2015. BibTeX | PDF
    @INPROCEEDINGS{Dabrowski2015Leveraging,
      Author = {Adrian Dabrowski and Markus Kammerstetter and Eduard Thamm and {Edgar R.} Weippl and Wolfgang Kastner},
      title = {Leveraging Competitive Gamification for Sustainable Fun and Profit in Security Education},
      booktitle = {USENIX Summit on Gaming, Games and Gamification in Security Education (3GSE 2015) at USENIX Security Symposiom 2015},
      year = {2015},
      month = {8},
      pdf = {https://www.usenix.org/system/files/conference/3gse15/3gse15-dabrowski.pdf},
      }
  • Damjan Buhov and Markus Huber and Georg Merzdovnik and Edgar R. Weippl and Vesna Dimitrova, "Network Security Challenges in Android Applications," in 10th International Conference on Availability, Reliability and Security (ARES 2015), 2015. BibTeX | PDF
    @INPROCEEDINGS{Buhov2015Network,
      Author = {Damjan Buhov and Markus Huber and Georg Merzdovnik and {Edgar R.} Weippl and Vesna Dimitrova},
      title = {Network Security Challenges in Android Applications},
      booktitle = {10th International Conference on Availability, Reliability and Security (ARES 2015)},
      year = {2015},
      month = {8},
      pdf = {Network_Security_Preprint.pdf},
      }
  • Gülfem Savrun-Yeniçeri and Michael L. Van de Vanter and Per Larsen and Stefan Brunthaler and Michael Franz, "An Efficient and Generic Event-based Profiler Framework for Dynamic Languages," in Principles and Practices of Programming on The Java Platform (PPPJ 2015), 2015. BibTeX | PDF
    @INPROCEEDINGS{SavrunYeniceri2015Efficient,
      Author = {Gülfem Savrun-Yeniçeri and {Michael L.} {Van de Vanter} and Per Larsen and Stefan Brunthaler and Michael Franz},
      title = {An Efficient and Generic Event-based Profiler Framework for Dynamic Languages},
      booktitle = {Principles and Practices of Programming on The Java Platform (PPPJ 2015)},
      year = {2015},
      month = {9},
      pdf = {http://dl.acm.org/citation.cfm?doid=2807426.2807435},
      }
  • Tariq Fadai and Sebastian Schrittwieser and Peter Kieseberg and Martin Schmiedecker, "Trust me, I am a Root CA! Analyzing SSL Root CAs in modern Browsers and Operating Systems," in International Conference on Availability, Reliability and Security (ARES), 2015. BibTeX | PDF
    @INPROCEEDINGS{Fadai2015Trust,
      Author = {Tariq Fadai and Sebastian Schrittwieser and Peter Kieseberg and Martin Schmiedecker},
      title = {Trust me, I am a Root CA! Analyzing SSL Root CAs in modern Browsers and Operating Systems},
      booktitle = {International Conference on Availability, Reliability and Security (ARES)},
      year = {2015},
      month = {8},
      pdf = {SSL.pdf},
      }
  • Sebastian Neuner and Martin Schmiedecker and Sebastian Schrittwieser and Edgar R. Weippl, "Gradually Improving the Forensic Process," in International Workshop on Cyber Crime (IWCC), 2015. BibTeX | PDF
    @INPROCEEDINGS{Neuner2015Gradually,
      Author = {Sebastian Neuner and Martin Schmiedecker and Sebastian Schrittwieser and {Edgar R.} Weippl},
      title = {Gradually Improving the Forensic Process},
      booktitle = {International Workshop on Cyber Crime (IWCC)},
      year = {2015},
      month = {8},
      pdf = {https://www.sba-research.org/wp-content/uploads/publications/Neuner_IWCC2015.pdf},
      }
  • Adrian Dabrowski and Isao Echizen and Edgar R. Weippl, "Error-Correcting Codes as Source for Decoding Ambiguity," in LangSec Workshop at IEEE Security & Privacy, 2015. BibTeX | PDF
    @INPROCEEDINGS{Dabrowski2015ErrorCorrecting,
      Author = {Adrian Dabrowski and Isao Echizen and {Edgar R.} Weippl},
      title = {Error-Correcting Codes as Source for Decoding Ambiguity},
      booktitle = {LangSec Workshop at IEEE Security & Privacy},
      year = {2015},
      month = {21},
      pdf = {ecc.pdf},
      volume = {10},
      }
  • Josip Bozic and Bernhard Garn and Ioannis Kapsalis and Dimitris Simos and Severin Winkler and Franz Wotawa, "Attack Pattern-Based Combinatorial Testing with Constraints for Web Security Testing," in IEEE International Conference on Software Quality, Reliability and Security 2015, 2015. BibTeX | PDF
    @INPROCEEDINGS{Bozic2015Attack,
      Author = {Josip Bozic and Bernhard Garn and Ioannis Kapsalis and Dimitris Simos and Severin Winkler and Franz Wotawa},
      title = {Attack Pattern-Based Combinatorial Testing with Constraints for Web Security Testing},
      booktitle = {IEEE International Conference on Software Quality, Reliability and Security 2015},
      year = {2015},
      month = {8},
      pdf = {http://ieeexplore.ieee.org/document/7272934/},
      }
  • Johanna Ullrich and Peter Kieseberg and Katharina Krombholz and Edgar R. Weippl, "On Reconnaissance with IPv6: A Pattern-Based Scanning Approach," in International Conference on Availability, Reliability and Security (ARES), 2015. BibTeX | PDF
    @INPROCEEDINGS{Ullrich2015Reconnaissance,
      Author = {Johanna Ullrich and Peter Kieseberg and Katharina Krombholz and {Edgar R.} Weippl},
      title = {On Reconnaissance with IPv6: A Pattern-Based Scanning Approach},
      booktitle = {International Conference on Availability, Reliability and Security (ARES)},
      year = {2015},
      month = {8},
      pdf = {PID3762727.pdf},
      }
  • Paris Kitsos and Dimitris Simos and Jose Torres-Jimenez and Artemios G. Voyiatzis, "Exciting FPGA Cryptographic Trojans using Combinatorial Testing," in 26th IEEE International Symposium on Software Reliability Engineering (ISSRE 2015), 2015. BibTeX | PDF
    @INPROCEEDINGS{Kitsos2015Exciting,
      Author = {Paris Kitsos and Dimitris Simos and Jose Torres-Jimenez and {Artemios G.} Voyiatzis},
      sbahotlist = {true},
      title = {Exciting FPGA Cryptographic Trojans using Combinatorial Testing},
      booktitle = {26th IEEE International Symposium on Software Reliability Engineering (ISSRE 2015)},
      year = {2015},
      month = {11},
      pdf = {http://ieeexplore.ieee.org/abstract/document/7381800/?section=abstract},
      }
  • Alifah Aida Lope Abdul Rahman and Shareeful Islam, "Sustainability forecast for cloud migration.," in IEEE 9th Symposium on the Maintenance and Evolution of Service-Oriented Systems and Cloud-Based Environments (MESOCA), 2015. BibTeX | PDF
    @INPROCEEDINGS{Rahman2015Sustainability,
      Author = {{Alifah Aida Lope Abdul} Rahman and Shareeful Islam},
      sbahotlist = {true},
      title = {Sustainability forecast for cloud migration.},
      booktitle = {IEEE 9th Symposium on the Maintenance and Evolution of Service-Oriented Systems and Cloud-Based Environments (MESOCA)},
      year = {2015},
      month = {10},
      pdf = {06_07328123.pdf},
      }
  • Johanna Ullrich and Edgar R. Weippl, "Privacy is Not an Option: Attacking the IPv6 Privacy Extension," in International Symposium on Recent Advances in Intrusion Detection (RAID), 2015. BibTeX | PDF | Slides
    @INPROCEEDINGS{Ullrich2015Privacy,
      Author = {Johanna Ullrich and {Edgar R.} Weippl},
      sbahotlist = {true},
      title = {Privacy is Not an Option: Attacking the IPv6 Privacy Extension},
      booktitle = {International Symposium on Recent Advances in Intrusion Detection (RAID)},
      year = {2015},
      month = {0},
      pdf = {https://www.sba-research.org/wp-content/uploads/publications/Ullrich2015Privacy.pdf},
      link_slides = {http://www.slideshare.net/SBAResearch/privacy-is-not-an-option-attacking-the-ipv6-privacy-extension},
      }
  • Rudolf Mayer and Andreas Rauber, "A quantitative study on the re-executability of publicly shared scientific workflows," in 11th International Conference on e-Science, 2015. BibTeX | PDF
    @INPROCEEDINGS{Mayer2015quantitative,
      Author = {Rudolf Mayer and Andreas Rauber},
      title = {A quantitative study on the re-executability of publicly shared scientific workflows},
      booktitle = {11th International Conference on e-Science},
      year = {2015},
      month = {8},
      pdf = {http://ieeexplore.ieee.org/document/7304314/},
      }
  • Artemios G. Voyiatzis and Konstantinos Katsigiannis and Stavros Koubias, "A Modbus TCP Fuzzer for Testing Internetworked Industrial Systems," in 20th IEEE International Conference on Emerging Technologies and Factory Automation (ETFA 2015), 2015. BibTeX
    @INPROCEEDINGS{Voyiatzis2015ModbusTCP,
      Author = {{Artemios G.} Voyiatzis and Konstantinos Katsigiannis and Stavros Koubias},
      title = {A Modbus TCP Fuzzer for Testing Internetworked Industrial Systems},
      booktitle = {20th IEEE International Conference on Emerging Technologies and Factory Automation (ETFA 2015)},
      year = {2015},
      month = {9},
      }
  • Tobias Hildebrandt and Stefanie Rinderle-Ma, "Server Sounds and Network Noises," in 6th IEEE Conference on Cognitive Infocommunications (CogInfoCom 2015), 2015. BibTeX | PDF
    @INPROCEEDINGS{Hildebrandt2015Server,
      Author = {Tobias Hildebrandt and Stefanie Rinderle-Ma},
      title = {Server Sounds and Network Noises},
      booktitle = {6th IEEE Conference on Cognitive Infocommunications (CogInfoCom 2015)},
      year = {2015},
      month = {10},
      pdf = {http://eprints.cs.univie.ac.at/4499/1/authors_copy.pdf},
      }
  • Katharina Krombholz and Peter Fruehwirt and Thomas Rieder and Ioannis Kapsalis and Johanna Ullrich and Edgar R. Weippl, "QR Code Security – How Secure and Usable Apps Can Protect Users Against Malicious QR Codes," in 2015 International Conference on Availability, Reliability and Security (ARES), 2015. BibTeX | PDF
    @INPROCEEDINGS{Krombholz2015Code,
      Author = {Katharina Krombholz and Peter Fruehwirt and Thomas Rieder and Ioannis Kapsalis and Johanna Ullrich and {Edgar R.} Weippl},
      title = {QR Code Security - How Secure and Usable Apps Can Protect Users Against Malicious QR Codes},
      booktitle = {2015 International Conference on Availability, Reliability and Security (ARES)},
      year = {2015},
      month = {8},
      pdf = {http://ieeexplore.ieee.org/document/7299920/},
      }
  • Katharina Krombholz and Christopher Frauenberger and Edgar R. Weippl, "Privacy for Everyone: Towards an Inclusive Design Approach for Accessible Privacy and Security Technology," in Workshop on Inclusive Privacy and Security (WIPS), Symposium On Usable Privacy and Security 2015, 2015. BibTeX | PDF
    @INPROCEEDINGS{Krombholz2015Privacy,
      Author = {Katharina Krombholz and Christopher Frauenberger and {Edgar R.} Weippl},
      title = {Privacy for Everyone: Towards an Inclusive Design Approach for Accessible Privacy and Security Technology},
      booktitle = {Workshop on Inclusive Privacy and Security (WIPS), Symposium On Usable Privacy and Security 2015},
      year = {2015},
      month = {7},
      pdf = {https://www.ifs.tuwien.ac.at/node/17062},
      }
  • Christoph Rottermanner and Peter Kieseberg and Markus Huber and Martin Schmiedecker and Sebastian Schrittwieser, "Privacy and Data Protection in Smartphone Messengers," in Proceedings of the 17th International Conference on Information Integration and Web-based Applications & Services (iiWAS2015), 2015. BibTeX | PDF
    @INPROCEEDINGS{Rottermanner2015Privacy,
      Author = {Christoph Rottermanner and Peter Kieseberg and Markus Huber and Martin Schmiedecker and Sebastian Schrittwieser},
      title = {Privacy and Data Protection in Smartphone Messengers},
      booktitle = {Proceedings of the 17th International Conference on Information Integration and Web-based Applications & Services (iiWAS2015)},
      year = {2015},
      month = {12},
      pdf = {paper_drafthp.pdf},
      }
  • Heidelinde Hobel and Amin Abdalla and Paolo Fogliaroni and Andrew U. Frank, "A Semantic Region Growing Algorithm: Extraction of Urban Settings," in Geographic Information Science as an Enabler of Smarter Cities and Communities (AGILE) 2015, 2015. BibTeX | PDF
    @INPROCEEDINGS{Hobel2015Semantic,
      Author = {Heidelinde Hobel and Amin Abdalla and Paolo Fogliaroni and {Andrew U.} Frank},
      title = {A Semantic Region Growing Algorithm: Extraction of Urban Settings},
      booktitle = {Geographic Information Science as an Enabler of Smarter Cities and Communities (AGILE) 2015},
      year = {2015},
      month = {6},
      pdf = {Heidelinde Hobel - A Semantic Region Growing Algorithm.pdf},
      }
  • Yanick Fratantonio and Antonio Bianchi and William Robertson and Manuel Egele and Christopher Kruegel and Engin Kirda and Giovanni Vigna, "On the Security and Engineering Implications of Finer-Grained Access Controls for Android Developers and Users," in 12th Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA), 2015. BibTeX | PDF
    @INPROCEEDINGS{Fratantonio2015Security,
      Author = {Yanick Fratantonio and Antonio Bianchi and William Robertson and Manuel Egele and Christopher Kruegel and Engin Kirda and Giovanni Vigna},
      title = {On the Security and Engineering Implications of Finer-Grained Access Controls for Android Developers and Users},
      booktitle = {12th Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA)},
      year = {2015},
      month = {7},
      pdf = {http://seclab.ccs.neu.edu/static/publications/dimva2015android.pdf},
      }
  • Jordan Cropper and Johanna Ullrich and Peter Fruehwirt and Edgar R. Weippl, "The Role and Security of Firewall in IaaS Cloud Computing," in Tenth International Conference on Availability, Reliability and Security (ARES), 2015. BibTeX | PDF
    @INPROCEEDINGS{Cropper2015Role,
      Author = {Jordan Cropper and Johanna Ullrich and Peter Fruehwirt and {Edgar R.} Weippl},
      title = {The Role and Security of Firewall in IaaS Cloud Computing},
      booktitle = {Tenth International Conference on Availability, Reliability and Security (ARES)},
      year = {2015},
      month = {8},
      pdf = {PID3762737.pdf},
      }
  • Stefan Proell and Rudolf Mayer and Andreas Rauber, "Data Access and Reproducibility in Privacy Sensitive eScience Domains," in 11th IEEE International Conference on eScience, 2015. BibTeX | PDF
    @INPROCEEDINGS{Proell8Data,
      Author = {Stefan Proell and Rudolf Mayer and Andreas Rauber},
      title = {Data Access and Reproducibility in Privacy Sensitive eScience Domains},
      booktitle = {11th IEEE International Conference on eScience},
      year = {2015},
      month = {8},
      pdf = {http://www.ifs.tuwien.ac.at/~mayer/publications/pdf/pro_15escience.pdf},
      }
  • Yanick Fratantonio and Aravind Machiry and Antonio Bianchi and Christopher Kruegel and Giovanni Vigna, "CLAPP: Characterizing Loops in Android Applications," in 10th Joint Meeting of the European Software Engineering Conference and the ACM Symposium on the Foundations of Software Engineering (ESEC FSE), 2015. BibTeX | PDF
    @INPROCEEDINGS{Fratantonio2015CLAPP,
      Author = {Yanick Fratantonio and Aravind Machiry and Antonio Bianchi and Christopher Kruegel and Giovanni Vigna},
      title = {CLAPP: Characterizing Loops in Android Applications},
      booktitle = {10th Joint Meeting of the European Software Engineering Conference and the ACM Symposium on the Foundations of Software Engineering (ESEC FSE)},
      year = {2015},
      month = {8},
      pdf = {http://cs.ucsb.edu/~yanick/publications/2015_fse_clapp.pdf},
      }
  • Kevin Borgolte and Christopher Kruegel and Giovanni Vigna, "Meerkat: Detecting Website Defacements through Image-based Object Recognition," in 24th Usenix Security Symposium, 2015. BibTeX | PDF
    @INPROCEEDINGS{Borgolte2015Meerkat,
      Author = {Kevin Borgolte and Christopher Kruegel and Giovanni Vigna},
      title = {Meerkat: Detecting Website Defacements through Image-based Object Recognition},
      booktitle = {24th Usenix Security Symposium},
      year = {2015},
      month = {8},
      pdf = {https://seclab.cs.ucsb.edu/media/uploads/papers/sec2015-meerkat.pdf},
      }
  • Michael Weissbacher and William Robertson and Engin Kirda and Christopher Kruegel and Giovanni Vigna, "ZigZag: Automatically Hardening Web Applications Against Client-side Validation Vulnerabilities," in 24th Usenix Security Symposium, 2015. BibTeX | PDF
    @INPROCEEDINGS{Weissbacher2015ZigZag,
      Author = {Michael Weissbacher and William Robertson and Engin Kirda and Christopher Kruegel and Giovanni Vigna},
      title = {ZigZag: Automatically Hardening Web Applications Against Client-side Validation Vulnerabilities},
      booktitle = {24th Usenix Security Symposium},
      year = {2015},
      month = {8},
      pdf = {http://seclab.ccs.neu.edu/static/publications/sec2015zigzag.pdf},
      }
  • Gianluca Stringhini and Pierre Mourlanne and Gregoire Jacob and Manuel Egele and Christopher Kruegel and Giovanni Vigna, "EvilCohort: Detecting Communities of Malicious Accounts on Online Services," in 24th Usenix Security Symposium, 2015. BibTeX | PDF
    @INPROCEEDINGS{Stringhini2015EvilCohort,
      Author = {Gianluca Stringhini and Pierre Mourlanne and Gregoire Jacob and Manuel Egele and Christopher Kruegel and Giovanni Vigna},
      title = {EvilCohort: Detecting Communities of Malicious Accounts on Online Services},
      booktitle = {24th Usenix Security Symposium},
      year = {2015},
      month = {8},
      pdf = {http://www0.cs.ucl.ac.uk/staff/G.Stringhini/papers/evilcohort-usenix2015.pdf},
      }
  • Paolo Fogliaroni and Heidelinde Hobel, "Implementing Naive Geography via Qualitative Spatial Relation Queries," in Geographic Information Science as an Enabler of Smarter Cities and Communities (AGILE 2015), 2015. BibTeX | PDF
    @INPROCEEDINGS{Fogliaroni2015Implementing,
      Author = {Paolo Fogliaroni and Heidelinde Hobel},
      title = {Implementing Naive Geography via Qualitative Spatial Relation Queries},
      booktitle = {Geographic Information Science as an Enabler of Smarter Cities and Communities (AGILE 2015)},
      year = {2015},
      month = {6},
      pdf = {http://www.agile-online.org/Conference_Paper/cds/agile_2015/shortpapers/91/91_Paper_in_PDF.pdf},
      }
  • Umar Mukhtar Ismail and Shareeful Islam and Haralambos Mouratidis, "Cloud Security Audit for Migration and Continuous Monitoring," in 5th IEEE International Symposium on Trust and Security in Cloud Computing, 2015. BibTeX | PDF
    @INPROCEEDINGS{Ismail2015Cloud,
      Author = {{Umar Mukhtar} Ismail and Shareeful Islam and Haralambos Mouratidis},
      title = {Cloud Security Audit for Migration and Continuous Monitoring},
      booktitle = {5th IEEE International Symposium on Trust and Security in Cloud Computing},
      year = {2015},
      month = {8},
      pdf = {Symposium Paper SUBMITTED_Vr1.pdf},
      }
  • Bernhard Grill and Andrei Bacs and Christian Platzer and Herbert Bos, "\’Nice Boots!\’: A Large-Scale Analysis of Bootkits and New Ways to Stop Them," in International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA), 2015. BibTeX | PDF
    @INPROCEEDINGS{Grill2015Nice,
      Author = {Bernhard Grill and Andrei Bacs and Christian Platzer and Herbert Bos},
      title = {\'Nice Boots!\': A Large-Scale Analysis of Bootkits and New Ways to Stop Them},
      booktitle = {International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment (DIMVA)},
      year = {2015},
      month = {7},
      pdf = {bootcamp_dimva_2015.pdf},
      }
  • Najd Ouhajjou and Wolfgang Loibl and Stefan Fenz and A Min Tjoa, "Stakeholder-oriented energy planning support in cities," in 6th International Building Physics Conference, IBPC 2015, 2015. BibTeX
    @INPROCEEDINGS{Ouhajjou2015Stakeholderoriented,
      Author = {Najd Ouhajjou and Wolfgang Loibl and Stefan Fenz and {A Min} Tjoa},
      title = {Stakeholder-oriented energy planning support in cities},
      booktitle = {6th International Building Physics Conference, IBPC 2015},
      year = {2015},
      month = {6},
      }
  • Bernhard Grill and Andreas Ekelhart and Elmar Kiesling and Christine Strauss and Christian Stummer, "Multi-objective evolutionary optimization of computation-intensive simulations – The case of security control selection," in Proceedings of the 11th Metaheuristics International Conference (MIC), 2015. BibTeX | PDF
    @INPROCEEDINGS{Kiesling2015Multiobjective,
      Author = {Bernhard Grill and Andreas Ekelhart and Elmar Kiesling and Christine Strauss and Christian Stummer},
      title = {Multi-objective evolutionary optimization of computation-intensive simulations - The case of security control selection},
      booktitle = {Proceedings of the 11th Metaheuristics International Conference (MIC)},
      year = {2015},
      month = {6},
      pdf = {optimizing_metaheuristics_mic_final.pdf},
      }
  • Ilias Kotsireas and Temur Kutsia and Dimitris Simos, "Constructing Orthogonal Designs in Powers of Two: Groebner Bases Meet Equational Unification," in 26th International Conference on Rewriting Techniques and Applications (RTA 2015), 2015. BibTeX | PDF
    @INPROCEEDINGS{Simos2015Constructing,
      Author = {Ilias Kotsireas and Temur Kutsia and Dimitris Simos},
      title = {Constructing Orthogonal Designs in Powers of Two: Groebner Bases Meet Equational Unification},
      booktitle = {26th International Conference on Rewriting Techniques and Applications (RTA 2015)},
      year = {2015},
      month = {6},
      pdf = {http://drops.dagstuhl.de/opus/volltexte/2015/5200/pdf/20.pdf},
      }
  • Evangelos Papapetrou and Vasileios Bourgos and Artemios G. Voyiatzis, "Privacy-preserving Routing in Delay Tolerant Networks based on Bloom Filters," in 16th IEEE International Symposium on a World of Wireless, Mobile and Multimedia Networks (IEEE WoWMoM 2015), 2015. BibTeX | PDF
    @INPROCEEDINGS{Papapetrou2015Privacypreserving,
      Author = {Evangelos Papapetrou and Vasileios Bourgos and {Artemios G.} Voyiatzis},
      title = {Privacy-preserving Routing in Delay Tolerant Networks based on Bloom Filters},
      booktitle = {16th IEEE International Symposium on a World of Wireless, Mobile and Multimedia Networks (IEEE WoWMoM 2015)},
      year = {2015},
      month = {6},
      pdf = {http://www.researchgate.net/profile/Evangelos_Papapetrou/publication/275330512_Privacy-preserving_Routing_in_Delay_Tolerant_Networks_based_on_Bloom_Filters/links/55377c0d0cf2058efdeabfdd.pdf},
      }
  • Lenos Ioannou and Harris E. Michail and Artemios G. Voyiatzis, "High Performance Pipelined FPGA Implementation of the SHA-3 Hash Algorithm," in 4th Mediterranean Conference on Embedded Computing, 2015. BibTeX | PDF
    @INPROCEEDINGS{Ioannou2015High,
      Author = {Lenos Ioannou and {Harris E.} Michail and {Artemios G.} Voyiatzis},
      title = {High Performance Pipelined FPGA Implementation of the SHA-3 Hash Algorithm},
      booktitle = {4th Mediterranean Conference on Embedded Computing},
      year = {2015},
      month = {6},
      pdf = {https://dl.dropboxusercontent.com/u/56966369/meco2015.pdf},
      }
  • Gerald Quirchmayr and Otto Hellwig and Edith Huber and Markus Huber and Timo Mischitz, "Towards a CERT-Communication Model as Basis to Software Assurance," in 10th International Conference on Availability, Reliability and Security (ARES), 2015, 2015. BibTeX | PDF
    @INPROCEEDINGS{Quirchmayr2015Towards,
      Author = {Gerald Quirchmayr and Otto Hellwig and Edith Huber and Markus Huber and Timo Mischitz},
      title = {Towards a CERT-Communication Model as Basis to Software Assurance},
      booktitle = {10th International Conference on Availability, Reliability and Security (ARES), 2015},
      year = {2015},
      month = {8},
      pdf = {https://www.researchgate.net/profile/Edith_Huber2/publication/280232144_Towards_a_CERT-Communication_Model_as_Basis_to_Software_Assurance/links/55dec1fd08ae79830bb59139.pdf},
      }
  • Yan Shoshitaishvili and Christopher Kruegel and Giovanni Vigna, "Portrait of a Privacy Invasion – Detecting Relationships Through Large-scale Photo Analysis," in 15th Privacy Enhancing Technologies Symposium (PETS), 2015. BibTeX | PDF
    @INPROCEEDINGS{Shoshitaishvili2015Portrait,
      Author = {Yan Shoshitaishvili and Christopher Kruegel and Giovanni Vigna},
      title = {Portrait of a Privacy Invasion - Detecting Relationships Through Large-scale Photo Analysis},
      booktitle = {15th Privacy Enhancing Technologies Symposium (PETS)},
      year = {2015},
      month = {6},
      pdf = {https://www.cs.ucsb.edu/~chris/research/doc/pets15_creepic.pdf},
      }
  • Martina Lindorfer and Matthias Neugschwandtner and Christian Platzer, "Marvin: Efficient and Comprehensive Mobile App Classification Through Static and Dynamic Analysis," in Proceedings of the 39th Annual International Computers, Software and Applications Conference (COMPSAC), 2015. BibTeX | PDF
    @INPROCEEDINGS{Lindorfer2015Marvin,
      Author = {Martina Lindorfer and Matthias Neugschwandtner and Christian Platzer},
      title = {Marvin: Efficient and Comprehensive Mobile App Classification Through Static and Dynamic Analysis},
      booktitle = {Proceedings of the 39th Annual International Computers, Software and Applications Conference (COMPSAC)},
      year = {2015},
      month = {7},
      pdf = {http://iseclab.org/papers/marvin_compsac15.pdf},
      }
  • Stephen Crane and Christopher Liebchen and Andrei Homescu and Lucas Davi and Per Larsen and Ahmad-Reza Sadeghi and Stefan Brunthaler and Michael Franz, "Readactor: Practical Code Randomization Resilient to Memory Disclosure," in 2015 IEEE Symposium on Security and Privacy, 2015. BibTeX | PDF
    @INPROCEEDINGS{Crane2015Readactor,
      Author = {Stephen Crane and Christopher Liebchen and Andrei Homescu and Lucas Davi and Per Larsen and Ahmad-Reza Sadeghi and Stefan Brunthaler and Michael Franz},
      title = {Readactor: Practical Code Randomization Resilient to Memory Disclosure},
      booktitle = {2015 IEEE Symposium on Security and Privacy},
      year = {2015},
      month = {5},
      pdf = {http://ieeexplore.ieee.org/lpdocs/epic03/wrapper.htm?arnumber=7163059},
      }
  • Antonio Bianchi and Jacopo Corbetta and Luca Invernizzi and Yanick Fratantonio and Christopher Kruegel and Giovanni Vigna, "What the App is That? Deception and Countermeasures in the Android User Interface," in IEEE Symposium on Security and Privacy, 2015. BibTeX | PDF
    @INPROCEEDINGS{Bianchi2015What,
      Author = {Antonio Bianchi and Jacopo Corbetta and Luca Invernizzi and Yanick Fratantonio and Christopher Kruegel and Giovanni Vigna},
      title = {What the App is That? Deception and Countermeasures in the Android User Interface},
      booktitle = {IEEE Symposium on Security and Privacy},
      year = {2015},
      month = {5},
      pdf = {https://www.cs.ucsb.edu/~chris/research/doc/oakland15_uideception.pdf},
      }
  • Stefan Fenz and Johannes Heurix and Thomas Neubauer, "How to increase the inventory efficiency in information security risk and compliance management," in European Conference on Information Systems (ECIS) 2015, 2015. BibTeX
    @INPROCEEDINGS{Fenz2015increase,
      Author = {Stefan Fenz and Johannes Heurix and Thomas Neubauer},
      title = {How to increase the inventory efficiency in information security risk and compliance management},
      booktitle = {European Conference on Information Systems (ECIS) 2015},
      year = {2015},
      month = {5},
      }
  • Codruţ Stancu and Christian Wimmer and Stefan Brunthaler and Per Larsen and Michael Franz, "Safe and efficient hybrid memory management for Java," in 2015 ACM SIGPLAN International Symposium on Memory Management (ISMM 2015), 2015. BibTeX | PDF
    @INPROCEEDINGS{Stancu2015Safe,
      Author = {Codruţ Stancu and Christian Wimmer and Stefan Brunthaler and Per Larsen and Michael Franz},
      title = {Safe and efficient hybrid memory management for Java},
      booktitle = {2015 ACM SIGPLAN International Symposium on Memory Management (ISMM 2015)},
      year = {2015},
      month = {6},
      pdf = {http://dl.acm.org/citation.cfm?doid=2754169.2754185},
      }
  • Peter Kieseberg and Peter Fruehwirt and Sebastian Schrittwieser and Edgar R. Weippl, "Security tests for mobile applications – Why using TLS SSL is not enough," in 2015 IEEE Eighth International Conference on Software Testing, Verification and Validation Workshops (ICSTW), 2015. BibTeX | PDF
    @INPROCEEDINGS{Kieseberg2015Security,
      Author = {Peter Kieseberg and Peter Fruehwirt and Sebastian Schrittwieser and {Edgar R.} Weippl},
      title = {Security tests for mobile applications - Why using TLS SSL is not enough},
      booktitle = {2015 IEEE Eighth International Conference on Software Testing, Verification and Validation Workshops (ICSTW)},
      year = {2015},
      month = {4},
      pdf = {ASQT2015_cameraready_wo1stpage.pdf},
      }
  • Edith Huber and Gerald Quirchmayr and Otto Hellwig, "Wissensmanagement bei CERTs – eine europäische Herausforderung, in Risiken kennen, Herausforderungen annehmen, Lösungen gestalten," in 14. Deutscher IT-Sicherheitskongress des BSI, 2015. BibTeX
    @INPROCEEDINGS{Huber2015Wissensmanagement,
      Author = {Edith Huber and Gerald Quirchmayr and Otto Hellwig},
      title = {Wissensmanagement bei CERTs – eine europäische Herausforderung, in Risiken kennen, Herausforderungen annehmen, Lösungen gestalten},
      booktitle = {14. Deutscher IT-Sicherheitskongress des BSI},
      year = {2015},
      month = {5},
      }
  • Patrick Mutchler and Adam Doupé and John Mitchell and Christopher Kruegel and Giovanni Vigna, "A Large-Scale Study of Mobile Web App Security," in Mobile Security Technologies Workshop (MoST), 2015. BibTeX | PDF
    @INPROCEEDINGS{Mutchler2015LargeScale,
      Author = {Patrick Mutchler and Adam Doupé and John Mitchell and Christopher Kruegel and Giovanni Vigna},
      title = {A Large-Scale Study of Mobile Web App Security},
      booktitle = {Mobile Security Technologies Workshop (MoST)},
      year = {2015},
      month = {5},
      pdf = {http://ieee-security.org/TC/SPW2015/MoST/papers/s2p3.pdf},
      }
  • Matthias Neugschwandtner and Paolo Milani Comparetti and Istvan Haller and Herbert Bos, "The BORG: Nanoprobing Binaries for Buffer Overreads," in ACM Conference on Data and Application Security and Privacy (CODASPY), 2015. BibTeX | PDF
    @INPROCEEDINGS{Neugschwandtner2015BORG,
      Author = {Matthias Neugschwandtner and Paolo Milani Comparetti and Istvan Haller and Herbert Bos},
      title = {The BORG: Nanoprobing Binaries for Buffer Overreads},
      booktitle = {ACM Conference on Data and Application Security and Privacy (CODASPY)},
      year = {2015},
      month = {3},
      pdf = {Neugschwandtner borg.pdf},
      }
  • Josip Bozic and Bernhard Garn and Dimitris Simos and Franz Wotawa, "Evaluation of the IPO-Family algorithms for test case generation in web security testing," in IEEE 8th International Conference on Software Testing, Verification and Validation, 2015. BibTeX | PDF
    @INPROCEEDINGS{Bozic2015Evaluation,
      Author = {Josip Bozic and Bernhard Garn and Dimitris Simos and Franz Wotawa},
      title = {Evaluation of the IPO-Family algorithms for test case generation in web security testing},
      booktitle = {IEEE 8th International Conference on Software Testing, Verification and Validation},
      year = {2015},
      month = {4},
      pdf = {http://ieeexplore.ieee.org/document/7107436/},
      }
  • Stefan Proell and Rudolf Mayer and Andreas Rauber, "Reproducible Database Queries in Privacy Sensitive Applications," in MATHMOD 2015, 2015. BibTeX | PDF
    @INPROCEEDINGS{Proell2015Reproducible,
      Author = {Stefan Proell and Rudolf Mayer and Andreas Rauber},
      title = {Reproducible Database Queries in Privacy Sensitive Applications},
      booktitle = {MATHMOD 2015},
      year = {2015},
      month = {2},
      pdf = {http://www.sciencedirect.com/science/article/pii/S2405896315002037},
      }
  • Heidelinde Hobel and Lisa Madlberger and Andreas Thoeni and Stefan Fenz, "Visualisation of User-Generated Event Information: Towards Geospatial Situation Awareness Using Hierarchical Granularity Levels," in Workshop on Social Media and Linked Data for Emergency Response at ESWC2014 (SMILE), 2015. BibTeX | PDF
    @INPROCEEDINGS{Hobel2015Visualisation,
      Author = {Heidelinde Hobel and Lisa Madlberger and Andreas Thoeni and Stefan Fenz},
      title = { Visualisation of User-Generated Event Information: Towards Geospatial Situation Awareness Using Hierarchical Granularity Levels},
      booktitle = {Workshop on Social Media and Linked Data for Emergency Response at ESWC2014 (SMILE)},
      year = {2015},
      month = {2},
      pdf = {http://linkedscience.org/wp-content/uploads/2014/05/smile2014_submission_2.pdf},
      }
  • Stephen Crane and Andrei Homescu and Stefan Brunthaler and Per Larsen and Michael Franz, "Thwarting Cache Side-Channel Attacks Through Dynamic Software Diversity," in 22nd Annual Network and Distributed System Security Symposium (NDSS 2015), 2015. BibTeX | PDF
    @INPROCEEDINGS{Crane2015Thwarting,
      Author = {Stephen Crane and Andrei Homescu and Stefan Brunthaler and Per Larsen and Michael Franz},
      title = {Thwarting Cache Side-Channel Attacks Through Dynamic Software Diversity},
      booktitle = {22nd Annual Network and Distributed System Security Symposium (NDSS 2015)},
      year = {2015},
      month = {2},
      pdf = {ndss15b.pdf},
      }
  • Vishwath Mohan and Per Larsen and Stefan Brunthaler and Kevin W. Hamlen and Michael Franz, "Opaque control-flow integrity," in Network and Distributed System Security Symposium, 2015. BibTeX | PDF
    @INPROCEEDINGS{Mohan2015Opaque,
      Author = {Vishwath Mohan and Per Larsen and Stefan Brunthaler and {Kevin W.} Hamlen and Michael Franz},
      title = {Opaque control-flow integrity},
      booktitle = {Network and Distributed System Security Symposium},
      year = {2015},
      month = {2},
      pdf = {ndss15a.pdf},
      }
  • Katharina Krombholz and Adrian Dabrowski and Matthew Smith and Edgar R. Weippl, "Ok Glass, Leave me Alone: Towards a Systematization of Privacy Enhancing Technologies for Wearable Computing," in 1st Workshop on Wearable Security and Privacy, 2015. BibTeX | PDF
    @INPROCEEDINGS{Krombholz2015Glass,
      Author = {Katharina Krombholz and Adrian Dabrowski and Matthew Smith and {Edgar R.} Weippl},
      title = {Ok Glass, Leave me Alone: Towards a Systematization of Privacy Enhancing Technologies for Wearable Computing},
      booktitle = {1st Workshop on Wearable Security and Privacy},
      year = {2015},
      month = {1},
      pdf = {Ok Glass.pdf},
      }
  • Adrian Dabrowski and Katharina Krombholz and Edgar R. Weippl and Isao Echizen, "Smart Privacy Visor: Bridging the Privacy Gap," in Workshop on Privacy by Transparency in Data-Centric Services (BIS 2015), 2015. BibTeX | PDF
    @INPROCEEDINGS{Dabrowski2015Smart,
      Author = {Adrian Dabrowski and Katharina Krombholz and {Edgar R.} Weippl and Isao Echizen},
      title = {Smart Privacy Visor: Bridging the Privacy Gap},
      booktitle = {Workshop on Privacy by Transparency in Data-Centric Services (BIS 2015)},
      year = {2015},
      month = {6},
      pdf = {http://link.springer.com/chapter/10.1007/978-3-319-26762-3_21},
      }
  • Maria Leitner and Stefanie Rinderle-Ma, "Anomaly Detection and Visualization in Generative RBAC Models," in Proceedings of the 19th ACM Symposium on Access Control Models and Technologies (SACMAT), 2014, pp. 41-52. BibTeX | PDF
    @INPROCEEDINGS{Leitner2014Anomaly,
      Author = {Maria Leitner and Stefanie Rinderle-Ma},
      sbahotlist = {true},
      title = {Anomaly Detection and Visualization in Generative RBAC Models},
      booktitle = {Proceedings of the 19th ACM Symposium on Access Control Models and Technologies (SACMAT)},
      year = {2014},
      month = {6},
      pdf = {Leitner2014Anomaly.pdf},
      pages = {41-52},
      publisher = {ACM},
      }
  • Aljosha Judmayer and Lukas Krammer and Wolfgang Kastner, "On the security of security extensions for IP-based KNX networks," in 10th IEEE International Workshop on Factory Communication Systems, 2014. BibTeX | PDF
    @INPROCEEDINGS{Judmayer2014security,
      Author = {Aljosha Judmayer and Lukas Krammer and Wolfgang Kastner},
      sbahotlist = {true},
      title = {On the security of security extensions for IP-based KNX networks},
      booktitle = {10th IEEE International Workshop on Factory Communication Systems},
      year = {2014},
      month = {5},
      pdf = {judmayer_KNX_wfcs2014.pdf},
      }
  • Manfred Halper and Stefan Fenz and J. Goellner and Gerald Quirchmayr, "Evaluation criteria for cloud computing based on the upcoming European data protection regulation," in 2014 Civilisation at the Crossroads Response and Responsibility of the Systems Sciences, 2014. BibTeX
    @INPROCEEDINGS{Halper2014Evaluation,
      Author = {Manfred Halper and Stefan Fenz and J. Goellner and Gerald Quirchmayr},
      title = {Evaluation criteria for cloud computing based on the upcoming European data protection regulation},
      booktitle = {2014 Civilisation at the Crossroads Response and Responsibility of the Systems Sciences},
      year = {2014},
      month = {4},
      }
  • Peter Aufner and Georg Merzdovnik and Markus Huber and Edgar R. Weippl, "Plugin in the Middle – Minimising Security Risks in Mobile Middleware Implementations," in SINCONF 2014 (Conference on Security of Information and Networks), 2014. BibTeX | PDF
    @INPROCEEDINGS{Aufner2014Plugin,
      Author = {Peter Aufner and Georg Merzdovnik and Markus Huber and {Edgar R.} Weippl},
      sbahotlist = {true},
      title = {Plugin in the Middle - Minimising Security Risks in Mobile Middleware Implementations},
      booktitle = {SINCONF 2014 (Conference on Security of Information and Networks)},
      year = {2014},
      month = {9},
      pdf = {secperv.pdf},
      }
  • Adrian Dabrowski and Nicola Pianta and Thomas Klepp and Martin Schmiedecker and Edgar R. Weippl, "IMSI-Catch Me If You Can: IMSI-Catcher-Catchers," in Annual Computer Security Applications Conference (ACSAC), 2014. BibTeX | PDF | Src
    @INPROCEEDINGS{Dabrowski2014IMSICatch,
      Author = {Adrian Dabrowski and Nicola Pianta and Thomas Klepp and Martin Schmiedecker and {Edgar R.} Weippl},
      sbahotlist = {true},
      title = {IMSI-Catch Me If You Can: IMSI-Catcher-Catchers},
      booktitle = {Annual Computer Security Applications Conference (ACSAC)},
      year = {2014},
      month = {12},
      pdf = {DabrowskiEtAl-IMSI-Catcher-Catcher-ACSAC2014.pdf},
      link_source = {http://sourceforge.net/p/icc/},
      }
  • Bernhard Grill and Christian Platzer and Juergen Eckel, "A Practical Approach for Generic Bootkit Detection and Prevention," in EuroSec 2014, 2014. BibTeX | PDF
    @INPROCEEDINGS{Grill2014Practical,
      Author = {Bernhard Grill and Christian Platzer and Juergen Eckel},
      title = {A Practical Approach for Generic Bootkit Detection and Prevention},
      booktitle = {EuroSec 2014},
      year = {2014},
      month = {4},
      pdf = {Bootkit_EuroSec_2014.pdf},
      }
  • Ali Zand and Giovanni Vigna and Richard Kemmerer and Christopher Kruegel, "Rippler: Delay Injection for Service Dependency Detection," in IEEE International Conference on Computer Communications (INFOCOM), 2014. BibTeX
    @INPROCEEDINGS{Zand2014Rippler,
      Author = {Ali Zand and Giovanni Vigna and Richard Kemmerer and Christopher Kruegel},
      title = {Rippler: Delay Injection for Service Dependency Detection},
      booktitle = {IEEE International Conference on Computer Communications (INFOCOM)},
      year = {2014},
      month = {4},
      }
  • Adrian Dabrowski and Heidelinde Hobel and Johanna Ullrich and Katharina Krombholz and Edgar R. Weippl, "Towards a Hardware Trojan Detection Cycle," in Second International Workshop on Emerging Cyberthreats and Countermeasures, ARES ECTCM 2014, 2014. BibTeX | PDF
    @INPROCEEDINGS{Dabrowski2014Towards,
      Author = {Adrian Dabrowski and Heidelinde Hobel and Johanna Ullrich and Katharina Krombholz and {Edgar R.} Weippl},
      sbahotlist = {true},
      title = {Towards a Hardware Trojan Detection Cycle},
      booktitle = {Second International Workshop on Emerging Cyberthreats and Countermeasures, ARES ECTCM 2014},
      year = {2014},
      month = {9},
      pdf = {towards a hardware trojan _paper.pdf},
      }
  • Damjan Buhov and S. Markovski and Vesna Dimitrova and Z. Trajcheska and M. Petkovska and M. Kostadinovski, "Block Cipher Defined By Matrix Presentation of Quasigroups," in 11th Conference for Informatics and Information Technology (CIIT 2014), 2014. BibTeX
    @INPROCEEDINGS{Buhov2014Block,
      Author = {Damjan Buhov and S. Markovski and Vesna Dimitrova and Z. Trajcheska and M. Petkovska and M. Kostadinovski},
      title = {Block Cipher Defined By Matrix Presentation of Quasigroups},
      booktitle = {11th Conference for Informatics and Information Technology (CIIT 2014)},
      year = {2014},
      month = {4},
      }
  • Philipp Winter and Richard Koewer and Martin Schmiedecker and Markus Huber and Sebastian Schrittwieser and Stefan Lindskog and Edgar R. Weippl, "Spoiled Onions: Exposing Malicious Tor Exit Relays," in The 14th Privacy Enhancing Technologies Symposium (PETS), 2014. BibTeX | PDF | Slides
    @INPROCEEDINGS{Winter2014Spoiled,
      Author = {Philipp Winter and Richard Koewer and Martin Schmiedecker and Markus Huber and Sebastian Schrittwieser and Stefan Lindskog and {Edgar R.} Weippl},
      title = {Spoiled Onions: Exposing Malicious Tor Exit Relays},
      booktitle = {The 14th Privacy Enhancing Technologies Symposium (PETS)},
      year = {2014},
      month = {7},
      pdf = {http://www.sba-research.org/wp-content/uploads/publications/pets2014_preprint.pdf},
      link_slides = {http://www.slideshare.net/SBAResearch/spoiled-onions},
      }
  • Peter Fruehwirt and Peter Kieseberg and Christoph Hochreiner and Sebastian Schrittwieser and Edgar R. Weippl, "InnoDB Datenbank Forensik Rekonstruktion von Abfragen über Datenbank-interne Logfiles," in GI Sicherheit 2014, 2014. BibTeX | PDF
    @INPROCEEDINGS{Fruehwirt2014InnoDB,
      Author = {Peter Fruehwirt and Peter Kieseberg and Christoph Hochreiner and Sebastian Schrittwieser and {Edgar R.} Weippl},
      title = {InnoDB Datenbank Forensik Rekonstruktion von Abfragen über Datenbank-interne Logfiles },
      booktitle = {GI Sicherheit 2014 },
      year = {2014},
      month = {3},
      pdf = {FRUEHWIRT-InnoDB Datenbank Forensik-Rekonstruktion.pdf},
      }
  • Bernhard Garn and Dimitris Simos, "Eris: A tool for combinatorial testing of the linux system call interface," in 2014 IEEE International Conference on Software Testing, Verification, and Validation Workshops, 2014. BibTeX | PDF
    @INPROCEEDINGS{Garn2014Eris,
      Author = {Bernhard Garn and Dimitris Simos},
      title = {Eris: A tool for combinatorial testing of the linux system call interface},
      booktitle = {2014 IEEE International Conference on Software Testing, Verification, and Validation Workshops},
      year = {2014},
      month = {3},
      pdf = {CT-Eris_ICSTW_2014.pdf},
      }
  • Ali Zand and Giovanni Vigna and Xifeng Yan and Christopher Kruegel, "Extracting Probable Command and Control Signatures for Detecting Botnets," in ACM Symposium on Applied Computing (SAC), 2014. BibTeX
    @INPROCEEDINGS{Zand2014Extracting,
      Author = {Ali Zand and Giovanni Vigna and Xifeng Yan and Christopher Kruegel},
      title = {Extracting Probable Command and Control Signatures for Detecting Botnets},
      booktitle = {ACM Symposium on Applied Computing (SAC)},
      year = {2014},
      month = {3},
      }
  • Sebastian Poeplau and Yanick Fratantonio and Antonio Bianchi and Christopher Kruegel and Giovanni Vigna, "Execute This! Analyzing Unsafe and Malicious Dynamic Code Loading in Android Applications," in Usenix Network and Distributed System Security Symposium (NDSS), 2014. BibTeX
    @INPROCEEDINGS{Poeplau2014Execute,
      Author = {Sebastian Poeplau and Yanick Fratantonio and Antonio Bianchi and Christopher Kruegel and Giovanni Vigna},
      title = {Execute This! Analyzing Unsafe and Malicious Dynamic Code Loading in Android Applications},
      booktitle = {Usenix Network and Distributed System Security Symposium (NDSS)},
      year = {2014},
      month = {2},
      }
  • Luca Invernizzi and Stanislav Miskovic and Ruben Torres and Sabyasachi Saha and Sung-Ju Lee and Marco Mellia and Christopher Kruegel and Giovanni Vigna, "Nazca: Detecting Malware Distribution in Large-Scale Networks," in Usenix Network and Distributed System Security Symposium (NDSS), 2014. BibTeX
    @INPROCEEDINGS{Invernizzi2014Nazca,
      Author = {Luca Invernizzi and Stanislav Miskovic and Ruben Torres and Sabyasachi Saha and Sung-Ju Lee and Marco Mellia and Christopher Kruegel and Giovanni Vigna},
      title = {Nazca: Detecting Malware Distribution in Large-Scale Networks},
      booktitle = {Usenix Network and Distributed System Security Symposium (NDSS)},
      year = {2014},
      month = {2},
      }
  • Stefanie Beyer and Martin Schmiedecker and Sebastian Schrittwieser and Markus Huber and Edgar R. Weippl, "Towards Fully Automated Digital Alibis with Social Interaction," in Tenth Annual IFIP WG 11.9 International Conference on Digital Forensics, 2014. BibTeX | PDF | Slides | Src
    @INPROCEEDINGS{ifip119_2014_alibi,
      Author = {Stefanie Beyer and Martin Schmiedecker and Sebastian Schrittwieser and Markus Huber and {Edgar R.} Weippl},
      title = {Towards Fully Automated Digital Alibis with Social Interaction},
      booktitle = {Tenth Annual IFIP WG 11.9 International Conference on Digital Forensics},
      year = {2014},
      month = {1},
      pdf = {alibigenerator_preprint.pdf},
      link_source = {https://github.com/mmulazzani/alibiFramework},
      link_slides = {http://www.slideshare.net/SBAResearch/digitale-alibis-ifip},
      }
  • Sebastian Neuner and Victor Van der Veen and Martina Lindorfer and Markus Huber and Georg Merzdovnik and Martin Schmiedecker and Edgar R. Weippl, "Enter Sandbox: Android Sandbox Comparison," in Proceedings of the IEEE Mobile Security Technologies Workshop (MoST), 2014. BibTeX | PDF | Slides
    @INPROCEEDINGS{Neuner2014Enter,
      Author = {Sebastian Neuner and Victor {Van der Veen} and Martina Lindorfer and Markus Huber and Georg Merzdovnik and Martin Schmiedecker and {Edgar R.} Weippl},
      title = {Enter Sandbox: Android Sandbox Comparison},
      booktitle = {Proceedings of the IEEE Mobile Security Technologies Workshop (MoST)},
      year = {2014},
      month = {5},
      pdf = {mostAndroid.pdf},
      publisher = {IEEE},
      link_slides = {http://www.slideshare.net/SBAResearch/enter-sandbox-android-sandbox-comparison},
      }
  • Andreas Bernauer and Josip Bozic and Dimitris Simos and Severin Winkler and Franz Wotawa, "Retaining consistency for knowledge-based security testing," in 27th International Conference on Industrial, Engineering & Other Applications of Applied Intelligent Systems, 2014. BibTeX | PDF
    @INPROCEEDINGS{Bernauer2014Retaining,
      Author = {Andreas Bernauer and Josip Bozic and Dimitris Simos and Severin Winkler and Franz Wotawa},
      title = {Retaining consistency for knowledge-based security testing},
      booktitle = {27th International Conference on Industrial, Engineering & Other Applications of Applied Intelligent Systems},
      year = {2014},
      month = {6},
      pdf = {ieaaie2014_kb.pdf},
      }
  • Gabriela Varona Cervantes and Stefan Fenz, "How to assess confidentiality requirements of corporate assets?," in 29th IFIP TC 11 International Conference (IFIP SEC 2014), 2014. BibTeX
    @INPROCEEDINGS{Cervantes2014assess,
      Author = {{Gabriela Varona} Cervantes and Stefan Fenz},
      title = {How to assess confidentiality requirements of corporate assets?},
      booktitle = {29th IFIP TC 11 International Conference (IFIP SEC 2014)},
      year = {2014},
      month = {6},
      }
  • Nardella Kathleen and Brown Ross and Simone Kriglstein, "Storyboard Augmentation of Process Model Grammars for Stakeholder Communication," in In Proceedings of IVAPP 2014 International Conference on Information Visualization Theory and Applications, 2014. BibTeX
    @INPROCEEDINGS{Kathleen_Storyboard_Augmentation_of_Pro_2014,
      Author = {Nardella Kathleen and Brown Ross and Simone Kriglstein},
      title = {Storyboard Augmentation of Process Model Grammars for Stakeholder Communication},
      booktitle = {In Proceedings of IVAPP 2014 International Conference on Information Visualization Theory and Applications},
      year = {2014},
      month = {1},
      }
  • Christoph Hochreiner and Zhendong Ma and Peter Kieseberg and Sebastian Schrittwieser and Edgar R. Weippl, "Using Model Driven Security Approaches in Web Application Development," in AsiaARES (The 2014 Asian Conference on Availability, Reliability and Security), 2014. BibTeX | PDF
    @INPROCEEDINGS{Hochreiner2014Using,
      Author = {Christoph Hochreiner and Zhendong Ma and Peter Kieseberg and Sebastian Schrittwieser and {Edgar R.} Weippl},
      sbahotlist = {true},
      title = {Using Model Driven Security Approaches in Web Application Development },
      booktitle = {AsiaARES (The 2014 Asian Conference on Availability, Reliability and Security)},
      year = {2014},
      month = {4},
      pdf = {UsingModelDrivenSecurityApproachesinWebApplicationDevelopment.pdf},
      }
  • Robin Mueller and Sebastian Schrittwieser and Peter Fruehwirt and Peter Kieseberg and Edgar R. Weippl, "What is new with whatsapp & co.? Revisiting the security of smartphone messaging applications," in iiWas 2014, 2014. BibTeX | PDF
    @INPROCEEDINGS{Mueller2014Whats,
      Author = {Robin Mueller and Sebastian Schrittwieser and Peter Fruehwirt and Peter Kieseberg and {Edgar R.} Weippl},
      title = {What is new with whatsapp & co.? Revisiting the security of smartphone messaging applications},
      booktitle = {iiWas 2014},
      year = {2014},
      month = {12},
      pdf = {WhatsApp-iiwas-paper_cameraready.pdf},
      }
  • Christian Kadluba and Martin Schmiedecker and Lorenz Zechner and Sebastian Neuner and Edgar R. Weippl, "Windows Installer Security," in Sixth ASE International Conference on Privacy, Security, Risk and Trust (PASSAT 2014), 2014. BibTeX | PDF
    @INPROCEEDINGS{Kadluba2014Windows,
      Author = {Christian Kadluba and Martin Schmiedecker and Lorenz Zechner and Sebastian Neuner and {Edgar R.} Weippl},
      title = {Windows Installer Security},
      booktitle = {Sixth ASE International Conference on Privacy, Security, Risk and Trust (PASSAT 2014)},
      year = {2014},
      month = {12},
      pdf = {Sebastian Neuner msiInstaller.pdf},
      }
  • Tomasz Miksa and Rudolf Mayer and Marco Unterberger and Andreas Rauber, "Resilient Web Services for Timeless Business Processes," in 16th International Conference on Information Integration and Web-based Applications and Services (iiWAS2014), 2014. BibTeX | PDF
    @INPROCEEDINGS{Miksa2014Resilient,
      Author = {Tomasz Miksa and Rudolf Mayer and Marco Unterberger and Andreas Rauber},
      title = {Resilient Web Services for Timeless Business Processes},
      booktitle = {16th International Conference on Information Integration and Web-based Applications and Services (iiWAS2014)},
      year = {2014},
      month = {12},
      pdf = {Miksa_iiwas14 Resilient Web Services.pdf},
      }
  • Elmar Kiesling and Andreas Ekelhart and Bernhard Grill and Christian Stummer and Christine Strauss, "Evolving Secure Information Systems through Attack Simulation," in 47th Hawaii International Conference on System Science, 2014. BibTeX | PDF
    @INPROCEEDINGS{Kiesling2014Evolving,
      Author = {Elmar Kiesling and Andreas Ekelhart and Bernhard Grill and Christian Stummer and Christine Strauss},
      title = {Evolving Secure Information Systems through Attack Simulation},
      booktitle = {47th Hawaii International Conference on System Science},
      year = {2014},
      month = {1},
      pdf = {HICSS46_Submission_final.pdf},
      }
  • Per Larsen and Andrei Homescu and Stefan Brunthaler and Michael Franz, "SoK: Automated Software Diversity," in 2014 IEEE Symposium on Security and Privacy, 2014. BibTeX | PDF
    @INPROCEEDINGS{Larsen2014SoK,
      Author = {Per Larsen and Andrei Homescu and Stefan Brunthaler and Michael Franz},
      title = {SoK: Automated Software Diversity},
      booktitle = {2014 IEEE Symposium on Security and Privacy},
      year = {2014},
      month = {5},
      pdf = {sp14b.pdf},
      }
  • Nick Nikiforakis and Federico Maggi and Gianluca Stringhini and M. Zubair Rafique and Wouter Joosen and Christopher Kruegel and Frank Piessens and Giovanni Vigna and Stefano Zanero, "Stranger Danger: Exploring the Ecosystem of Ad-based URL Shortening Services," in International World Wide Web Conference (WWW), 2014. BibTeX
    @INPROCEEDINGS{Nikiforakis2014Stranger,
      Author = {Nick Nikiforakis and Federico Maggi and Gianluca Stringhini and {M. Zubair} Rafique and Wouter Joosen and Christopher Kruegel and Frank Piessens and Giovanni Vigna and Stefano Zanero},
      title = {Stranger Danger: Exploring the Ecosystem of Ad-based URL Shortening Services},
      booktitle = {International World Wide Web Conference (WWW)},
      year = {2014},
      month = {4},
      }
  • Collin Mulliner and William Robertson and Engin Kirda, "Hidden GEMs: Automated Discovery of Access Control Vulnerabilities in Graphical User Interfaces," in IEEE Symposium on Security and Privacy (S&P), 2014. BibTeX | PDF | Slides
    @INPROCEEDINGS{Mulliner2014Hidden,
      Author = {Collin Mulliner and William Robertson and Engin Kirda},
      title = {Hidden GEMs: Automated Discovery of Access Control Vulnerabilities in Graphical User Interfaces},
      booktitle = {IEEE Symposium on Security and Privacy (S&P)},
      year = {2014},
      month = {5},
      pdf = {http://seclab.ccs.neu.edu/static/publications/sp2014gemminer.pdf},
      link_slides = {http://mulliner.org/collin/academic/publications/hiddengems.pdf},
      }
  • Bernhard Hoisl and Stefan Sobernig and Mark Strembeck, "Comparing Three Notations for Defining Scenario-based Model Tests: A Controlled Experiment," in 9th International Conference on the Quality of Information and Communications Technology, 2014, pp. 41-52. BibTeX | PDF
    @INPROCEEDINGS{Hoisl2014Comparing,
      Author = {Bernhard Hoisl and Stefan Sobernig and Mark Strembeck},
      title = {Comparing Three Notations for Defining Scenario-based Model Tests: A Controlled Experiment},
      booktitle = {9th International Conference on the Quality of Information and Communications Technology},
      year = {2014},
      month = {9},
      pdf = {Comparing three notations.pdf},
      pages = {41-52},
      publisher = {ACM},
      }
  • Najd Ouhajjou and Wolfgang Loibl and Stefan Fenz and A Min Tjoa, "Multi-Actor Urban Energy Planning Support: Building refurbishment and building-integrated Solar PV," in 28th EnviroInfo Conference, 2014. BibTeX
    @INPROCEEDINGS{Ouhajjou2014MultiActor,
      Author = {Najd Ouhajjou and Wolfgang Loibl and Stefan Fenz and {A Min} Tjoa},
      title = {Multi-Actor Urban Energy Planning Support: Building refurbishment and building-integrated Solar PV},
      booktitle = {28th EnviroInfo Conference},
      year = {2014},
      month = {9},
      }
  • Jacopo Corbetta and Luca Invernizzi and Christopher Kruegel and Giovanni Vigna, "17th International Symposium on Research in Attacks, Intrusions and Defenses (RAID)," in Eyes of a Human, Eyes of a Program: Leveraging Different Views of the Web for Analysis and Detection, 2014. BibTeX | PDF
    @INPROCEEDINGS{Corbetta201417th,
      Author = {Jacopo Corbetta and Luca Invernizzi and Christopher Kruegel and Giovanni Vigna},
      title = {17th International Symposium on Research in Attacks, Intrusions and Defenses (RAID)},
      booktitle = {Eyes of a Human, Eyes of a Program: Leveraging Different Views of the Web for Analysis and Detection},
      year = {2014},
      month = {9},
      pdf = {https://www.cs.ucsb.edu/~vigna/publications/2014_RAID_EagleEye.pdf},
      }
  • Kathrin Figl and Mark Strembeck, "On the Importance of Flow Direction in Business Process Models," in 9th International Conference on Software Engineering and Applications (ICSOFT-EA), 2014. BibTeX | PDF
    @INPROCEEDINGS{Figl2014Importance,
      Author = {Kathrin Figl and Mark Strembeck},
      title = {On the Importance of Flow Direction in Business Process Models},
      booktitle = {9th International Conference on Software Engineering and Applications (ICSOFT-EA)},
      year = {2014},
      month = {8},
      pdf = {http://wi.wu-wien.ac.at/home/mark/publications/icsoft-ea14.pdf},
      }
  • Heidelinde Hobel and Andrew U. Frank, "Exploiting Linked Spatial Data and Granularity Transformations," in Workshop on Geographic Information Observatories 2014, 2014. BibTeX | PDF
    @INPROCEEDINGS{Hobel2014Exploiting,
      Author = {Heidelinde Hobel and {Andrew U.} Frank},
      title = {Exploiting Linked Spatial Data and Granularity Transformations},
      booktitle = {Workshop on Geographic Information Observatories 2014},
      year = {2014},
      month = {10},
      pdf = {http://ceur-ws.org/Vol-1273/paper2.pdf},
      }
  • Rudolf Mayer and Johannes Binder and Stephan Strodl and Andreas Rauber, "Automatic discovery of preservation alternatives supported by community maintained knowledge bases," in 11th International Conference on Digital Preservation (iPres 2014), 2014. BibTeX | PDF
    @INPROCEEDINGS{Mayer2014Automatic,
      Author = {Rudolf Mayer and Johannes Binder and Stephan Strodl and Andreas Rauber},
      title = {Automatic discovery of preservation alternatives supported by community maintained knowledge bases},
      booktitle = {11th International Conference on Digital Preservation (iPres 2014)},
      year = {2014},
      month = {10},
      pdf = {http://www.ifs.tuwien.ac.at/%7Emayer/publications/pdf/may_ipres14-preservationAlternatives.pdf},
      }
  • Tomasz Miksa and Rudolf Mayer and Stephan Strodl and Andreas Rauber and Ricardo Vieira and Goncalo Antunes, "Risk driven selection of preservation activities for increasing sustainability of open source systems and workflows," in The 11th International Conference on Digital Preservation (iPres 2014), 2014. BibTeX | PDF
    @INPROCEEDINGS{Miksa2014Risk,
      Author = {Tomasz Miksa and Rudolf Mayer and Stephan Strodl and Andreas Rauber and Ricardo Vieira and Goncalo Antunes},
      title = {Risk driven selection of preservation activities for increasing sustainability of open source systems and workflows},
      booktitle = {The 11th International Conference on Digital Preservation (iPres 2014)},
      year = {2014},
      month = {10},
      pdf = {http://www.ifs.tuwien.ac.at/~mayer/publications/pdf/mik_ipres14-riskDriven.pdf},
      }
  • Rudolf Mayer and Tomasz Miksa and Andreas Rauber, "Ontologies for describing the context of scientific experiment processes," in 10th International Conference on e-Science, 2014. BibTeX | PDF
    @INPROCEEDINGS{Mayer2014Ontologies,
      Author = {Rudolf Mayer and Tomasz Miksa and Andreas Rauber},
      title = {Ontologies for describing the context of scientific experiment processes},
      booktitle = {10th International Conference on e-Science},
      year = {2014},
      month = {10},
      pdf = {http://www.ifs.tuwien.ac.at/~mayer/publications/pdf/may_escience14.pdf},
      }
  • Alberto Escalada Jimenez and Adrian Dabrowski and Juan M. Montero Martinez and Isao Echizen, "Tag Detection for Preventing Unauthorized Face Image Processing," in Proceedings of the 13th International Workshop on Digital-Forensics and Watermarking (IWDW 2014), 2014. BibTeX | PDF
    @INPROCEEDINGS{Jimenez2014Detection,
      Author = {{Alberto Escalada} Jimenez and Adrian Dabrowski and {Juan M.} {Montero Martinez} and Isao Echizen},
      title = {Tag Detection for Preventing Unauthorized Face Image Processing},
      booktitle = {Proceedings of the 13th International Workshop on Digital-Forensics and Watermarking (IWDW 2014)},
      year = {2014},
      month = {10},
      pdf = {judmayer_KNX_wfcs2014.pdf},
      }
  • Mark Murphy and Per Larsen and Stefan Brunthaler and Michael Franz, "Software Profiling Options and Their Effects on Security Based Diversification," in 1st ACM Workshop on Moving Target Defense (MTD 2014), 2014. BibTeX | PDF
    @INPROCEEDINGS{Murphy2014Software,
      Author = {Mark Murphy and Per Larsen and Stefan Brunthaler and Michael Franz},
      title = {Software Profiling Options and Their Effects on Security Based Diversification},
      booktitle = {1st ACM Workshop on Moving Target Defense (MTD 2014)},
      year = {2014},
      month = {11},
      pdf = {mtd14.pdf},
      }
  • Adrian Dabrowski and Katharina Krombholz and Johanna Ullrich and Edgar R. Weippl, "QR – Inception: Barcode in Barcode Attacks," in 4th Annual ACM CCS Workshop on Security and Privacy in Smartphones and Mobile Devices (SPSM), 2014. BibTeX | PDF | Slides
    @INPROCEEDINGS{Dabrowski2014Inception,
      Author = {Adrian Dabrowski and Katharina Krombholz and Johanna Ullrich and {Edgar R.} Weippl},
      title = {QR - Inception: Barcode in Barcode Attacks},
      booktitle = {4th Annual ACM CCS Workshop on Security and Privacy in Smartphones and Mobile Devices (SPSM)},
      year = {2014},
      month = {11},
      pdf = {qrinception.pdf},
      link_slides = {http://www.slideshare.net/SBAResearch/qrinception-barcode-in-barcode-attacks},
      }
  • Christoph Hochreiner and Markus Huber and Georg Merzdovnik and Edgar R. Weippl, "Towards Practical Methods to Protect the Privacy of Location Information with Mobile Devices," in SINCONF 2014 (Conference on Security of Information and Networks), 2014. BibTeX | PDF
    @INPROCEEDINGS{Hochreiner2014Towards,
      Author = {Christoph Hochreiner and Markus Huber and Georg Merzdovnik and {Edgar R.} Weippl},
      title = {Towards Practical Methods to Protect the Privacy of Location Information with Mobile Devices },
      booktitle = {SINCONF 2014 (Conference on Security of Information and Networks)},
      year = {2014},
      month = {9},
      pdf = {sinconf_preprint.pdf},
      }
  • Stevens Le Blond and Adina Uritesc and Cedric Gilbert and Zheng Leong Chua and Prateek Saxena and Engin Kirda, "A Look at Targeted Attacks through the Lense of an NGO," in USENIX Security Symposium, 2014. BibTeX | PDF
    @INPROCEEDINGS{LeBlond2014Look,
      Author = {Stevens {Le Blond} and Adina Uritesc and Cedric Gilbert and {Zheng Leong} Chua and Prateek Saxena and Engin Kirda},
      title = {A Look at Targeted Attacks through the Lense of an NGO},
      booktitle = {USENIX Security Symposium},
      year = {2014},
      month = {8},
      pdf = {https://www.mpi-sws.org/~stevens/pubs/sec14.pdf},
      }
  • Sevtap Duman and Kaan Onarlioglu and Ali Osman Ulusoy and William Robertson and Engin Kirda, "TrueClick: Automatically Distinguishing Trick Banners from Genuine Download Links," in Annual Computer Security Applications Conference (ACSAC), 2014. BibTeX | PDF
    @INPROCEEDINGS{Duman2014TrueClick,
      Author = {Sevtap Duman and Kaan Onarlioglu and {Ali Osman} Ulusoy and William Robertson and Engin Kirda},
      title = {TrueClick: Automatically Distinguishing Trick Banners from Genuine Download Links},
      booktitle = {Annual Computer Security Applications Conference (ACSAC)},
      year = {2014},
      month = {12},
      pdf = {https://wkr.io/assets/publications/acsac2014trueclick.pdf},
      }
  • Martina Lindorfer and Matthias Neugschwandtner and Lukas Weichselbaum and Yanick Fratantonio and Victor Van der Veen and Christian Platzer, "Andrubis – 1,000,000 Apps Later: A View on Current Android Malware Behaviors," in Proceedings of the 3rd International Workshop on Building Analysis Datasets and Gathering Experience Returns for Security (BADGERS), 2014. BibTeX | PDF
    @INPROCEEDINGS{Lindorfer2014Andrubis,
      Author = {Martina Lindorfer and Matthias Neugschwandtner and Lukas Weichselbaum and Yanick Fratantonio and Victor {Van der Veen} and Christian Platzer},
      title = {Andrubis - 1,000,000 Apps Later: A View on Current Android Malware Behaviors},
      booktitle = {Proceedings of the 3rd International Workshop on Building Analysis Datasets and Gathering Experience Returns for Security (BADGERS)},
      year = {2014},
      month = {9},
      pdf = {http://iseclab.org/papers/andrubis_badgers14.pdf},
      }
  • Jacopo Corbetta and Luca Invernizzi and Christopher Kruegel and Giovanni Vigna, "Eyes of a Human, Eyes of a Program: Leveraging Different Views of the Web for Analysis and Detection," in 17th International Symposium on Research in Attacks, Intrusions and Defenses (RAID), 2014. BibTeX | PDF
    @INPROCEEDINGS{Corbetta2014Eyes,
      Author = {Jacopo Corbetta and Luca Invernizzi and Christopher Kruegel and Giovanni Vigna},
      title = {Eyes of a Human, Eyes of a Program: Leveraging Different Views of the Web for Analysis and Detection},
      booktitle = {17th International Symposium on Research in Attacks, Intrusions and Defenses (RAID)},
      year = {2014},
      month = {9},
      pdf = {https://www.cs.ucsb.edu/~vigna/publications/2014_RAID_EagleEye.pdf},
      }
  • Gianluca Stringhini and Oliver Hohlfeld and Christopher Kruegel and Giovanni Vigna, "The Harvester, the Botmaster, and the Spammer: On the Relations Between the Different Actors in the Spam Landscape," in ACM Symposium on InformAtion, Computer and Communications Security (ASIACCS), 2014. BibTeX | PDF
    @INPROCEEDINGS{Stringhini2014Harvester,
      Author = {Gianluca Stringhini and Oliver Hohlfeld and Christopher Kruegel and Giovanni Vigna},
      title = {The Harvester, the Botmaster, and the Spammer: On the Relations Between the Different Actors in the Spam Landscape},
      booktitle = {ACM Symposium on InformAtion, Computer and Communications Security (ASIACCS)},
      year = {2014},
      month = {6},
      pdf = {http://cs.ucsb.edu/~gianluca/papers/harvesters-asiaccs2014.pdf},
      }
  • Collin Mulliner and William Robertson and Engin Kirda, "VirtualSwindle: An Automated Attack Against In-App Billing on Android," in ACM Symposium on Information, Computer and Communications Security (ASIACCS), 2014. BibTeX | PDF
    @INPROCEEDINGS{Mulliner2014VirtualSwindle,
      Author = {Collin Mulliner and William Robertson and Engin Kirda},
      title = {VirtualSwindle: An Automated Attack Against In-App Billing on Android},
      booktitle = {ACM Symposium on Information, Computer and Communications Security (ASIACCS)},
      year = {2014},
      month = {6},
      pdf = {http://www.mulliner.org/collin/academic/publications/asia226-mulliner.pdf},
      }
  • Amin Kharraz and Engin Kirda and William Robertson and Davide Balzarotti and Aurelien Francillon, "Optical Delusions: A Study of Malicious QR Codes in the Wild," in International Conference on Dependable Systems and Networks (DSN), 2014. BibTeX | PDF
    @INPROCEEDINGS{Kharraz2014Optical,
      Author = {Amin Kharraz and Engin Kirda and William Robertson and Davide Balzarotti and Aurelien Francillon},
      title = {Optical Delusions: A Study of Malicious QR Codes in the Wild},
      booktitle = {International Conference on Dependable Systems and Networks (DSN)},
      year = {2014},
      month = {6},
      pdf = {http://s3.eurecom.fr/docs/dsn14_amin.pdf},
      }
  • Christian Platzer and Martin Stuetz and Martina Lindorfer, "Skin Sheriff: A Machine Learning Solution for Detecting Explicit Images," in iProceedings of the 2nd International Workshop on Securty and Forensics in Communication Systems (ASIACCS SFCS), 2014. BibTeX | PDF
    @INPROCEEDINGS{Platzer2014Skin,
      Author = {Christian Platzer and Martin Stuetz and Martina Lindorfer},
      title = {Skin Sheriff: A Machine Learning Solution for Detecting Explicit Images},
      booktitle = {iProceedings of the 2nd International Workshop on Securty and Forensics in Communication Systems (ASIACCS SFCS)},
      year = {2014},
      month = {6},
      pdf = {http://iseclab.org/people/cplatzer/papers/sfcs05-platzer.pdf},
      }
  • Giancarlo De Maio and Alexandros Kapravelos and Yan Shoshitaishvili and Christopher Kruegel and Giovanni Vigna, "PExy: The other side of Exploit Kits," in Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA), 2014. BibTeX | PDF
    @INPROCEEDINGS{DeMaio2014PExy,
      Author = {Giancarlo {De Maio} and Alexandros Kapravelos and Yan Shoshitaishvili and Christopher Kruegel and Giovanni Vigna},
      title = {PExy: The other side of Exploit Kits},
      booktitle = {Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA)},
      year = {2014},
      month = {7},
      pdf = {http://cs.ucsb.edu/~kapravel/publications/dimva14_pexy.pdf},
      }
  • Bernhard Garn and Ioannis Kapsalis and Dimitris Simos and Severin Winkler, "On the applicability of combinatorial testing to web application security testing: A case study," in 2014 Workshop on Joining AcadeMiA and Industry Contributions to Test Automation and Model-Based Testing, 2014. BibTeX | PDF
    @INPROCEEDINGS{Garn2014applicability,
      Author = {Bernhard Garn and Ioannis Kapsalis and Dimitris Simos and Severin Winkler},
      title = {On the applicability of combinatorial testing to web application security testing: A case study},
      booktitle = { 2014 Workshop on Joining AcadeMiA and Industry Contributions to Test Automation and Model-Based Testing},
      year = {2014},
      month = {7},
      pdf = {combinatorial testing 4pentesteval_jamaica_2014.pdf},
      }
  • Johannes Binder and Stephan Strodl and Andreas Rauber, "Process Migration Framework – Virtualising and Documenting Business Processes," in 18th IEEE International Enterprise Distributed Object Computing Conference Workshops and Demonstrations, (EDOCW 2014), 2014. BibTeX | PDF
    @INPROCEEDINGS{Binder2014Process,
      Author = {Johannes Binder and Stephan Strodl and Andreas Rauber},
      title = {Process Migration Framework - Virtualising and Documenting Business Processes},
      booktitle = {18th IEEE International Enterprise Distributed Object Computing Conference Workshops and Demonstrations, (EDOCW 2014)},
      year = {2014},
      month = {9},
      pdf = {http://ieeexplore.ieee.org/xpl/articleDetails.jsp?arnumber=6975390},
      }
  • Tomasz Miksa and Ricardo Vieira and Jose Barateiro and Andreas Rauber, "VPlan – Ontology for Collection of Process Verification Data," in International Conference on Digital Preservation, 2014. BibTeX | PDF
    @INPROCEEDINGS{Miksa2014VPlan,
      Author = {Tomasz Miksa and Ricardo Vieira and Jose Barateiro and Andreas Rauber},
      title = {VPlan - Ontology for Collection of Process Verification Data},
      booktitle = {International Conference on Digital Preservation},
      year = {2014},
      month = {10},
      pdf = {ontology for collection-ipres2014.pdf},
      }
  • Jane Iedemska and Gianluca Stringhini and Richard Kemmerer and Christopher Kruegel and Giovanni Vigna, "The Tricks of the Trade: What Makes Spam Campaigns Successful?," in International Workshop on Cyber Crime (IWCC), 2014. BibTeX | PDF | Slides
    @INPROCEEDINGS{Iedemska2014Tricks,
      Author = {Jane Iedemska and Gianluca Stringhini and Richard Kemmerer and Christopher Kruegel and Giovanni Vigna},
      title = {The Tricks of the Trade: What Makes Spam Campaigns Successful?},
      booktitle = {International Workshop on Cyber Crime (IWCC)},
      year = {2014},
      month = {5},
      pdf = {http://www0.cs.ucl.ac.uk/staff/G.Stringhini/papers/cutwail-iwcc.pdf},
      link_slides = {http://de.slideshare.net/gianlucastringhini/iwcc-2014},
      }
  • Sebastian Schrittwieser and Stefan Katzenbeisser and Georg Merzdovnik and Peter Kieseberg and Edgar R. Weippl, "AES-SEC: Improving software obfuscation through hardware-assistance," in ARES 2014, 2014. BibTeX | PDF
    @INPROCEEDINGS{Schrittwieser2014AESSEC,
      Author = {Sebastian Schrittwieser and Stefan Katzenbeisser and Georg Merzdovnik and Peter Kieseberg and {Edgar R.} Weippl},
      title = {AES-SEC: Improving software obfuscation through hardware-assistance },
      booktitle = {ARES 2014},
      year = {2014},
      month = {9},
      pdf = {http://ieeexplore.ieee.org/document/6980281/},
      }
  • David Hopfmueller and Sigrid Schefer Wenzl and Mark Strembeck, "Kaskadierender Widerruf von Delegationen in prozessbasierten Informationssystemen," in 44. Jahrestagung der Gesellschaft für Informatik (GI), 2014. BibTeX | PDF
    @INPROCEEDINGS{Hopfmueller2014Kaskadierender,
      Author = {David Hopfmueller and Sigrid Schefer Wenzl and Mark Strembeck},
      title = {Kaskadierender Widerruf von Delegationen in prozessbasierten Informationssystemen},
      booktitle = {44. Jahrestagung der Gesellschaft für Informatik (GI)},
      year = {2014},
      month = {9},
      pdf = {http://wi.wu.ac.at/home/mark/publications/informatik14-extended.pdf},
      }
  • Sigrid Schefer Wenzl and Helena Bukvova and Mark Strembeck, "A Review of Delegation and Break-Glass Models for Flexible Access Control Management," in 6th Workshop on Applications of Knowledge-Based Technologies in Business (AKTB), 2014. BibTeX | PDF
    @INPROCEEDINGS{Wenzl2014Review,
      Author = {Sigrid Schefer Wenzl and Helena Bukvova and Mark Strembeck},
      title = {A Review of Delegation and Break-Glass Models for Flexible Access Control Management},
      booktitle = {6th Workshop on Applications of Knowledge-Based Technologies in Business (AKTB)},
      year = {2014},
      month = {5},
      pdf = {http://wi.wu.ac.at/home/mark/publications/aktb14.pdf},
      }
  • Alexandros Kapravelos and Chris Grier and Neha Chachra and Christopher Kruegel and Giovanni Vigna and Vern Paxson, "Hulk: Eliciting Malicious Behavior in Browser Extensions," in 23rd Usenix Security Symposium, 2014. BibTeX | PDF
    @INPROCEEDINGS{Kapravelos2014Hulk,
      Author = {Alexandros Kapravelos and Chris Grier and Neha Chachra and Christopher Kruegel and Giovanni Vigna and Vern Paxson},
      title = {Hulk: Eliciting Malicious Behavior in Browser Extensions},
      booktitle = {23rd Usenix Security Symposium},
      year = {2014},
      month = {8},
      pdf = {http://www.icir.org/vern/papers/hulk-usesec14.pdf},
      }
  • Josip Bozic and Dimitris Simos and Franz Wotawa, "Attack pattern-based combinatorial testing," in 9th International Workshop on Automation of Software Test (AST 2014), 2014. BibTeX | PDF
    @INPROCEEDINGS{Bozic2014Attack,
      Author = {Josip Bozic and Dimitris Simos and Franz Wotawa},
      title = {Attack pattern-based combinatorial testing},
      booktitle = { 9th International Workshop on Automation of Software Test (AST 2014)},
      year = {2014},
      month = {5},
      pdf = {AST2014.pdf},
      }
  • Aleksandar Hudic and Katharina Krombholz and Thomas Otterbein and Christian Platzer and Edgar R. Weippl, "Automated Analysis of Underground Marketplaces," in Tenth Annual IFIP WG 11.9 International Conference on Digital Forensics, 2014. BibTeX | PDF | Slides
    @INPROCEEDINGS{Hudic2014Automated,
      Author = {Aleksandar Hudic and Katharina Krombholz and Thomas Otterbein and Christian Platzer and {Edgar R.} Weippl},
      title = {Automated Analysis of Underground Marketplaces},
      booktitle = {Tenth Annual IFIP WG 11.9 International Conference on Digital Forensics},
      year = {2014},
      month = {1},
      pdf = {undergroundmarketplaces.pdf},
      link_slides = {http://de.slideshare.net/SBAResearch/automated-analysis-of-underground-marketplaces-42099600},
      }
  • Kevin R. Page and Raul Palma and Piotr Holubowicz and Graham Klyne and Stian Soiland-Reyes and Daniel Garijo and Khalid Belhajjame and Rudolf Mayer, "Research objects for audio processing:capturing semantics for reproducibility," in 53rd AES International Conference on Semantic Audio (AES 2014), 2014. BibTeX | PDF
    @INPROCEEDINGS{Page2014Research,
      Author = {{Kevin R.} Page and Raul Palma and Piotr Holubowicz and Graham Klyne and Stian Soiland-Reyes and Daniel Garijo and Khalid Belhajjame and Rudolf Mayer},
      title = {Research objects for audio processing:capturing semantics for reproducibility},
      booktitle = {53rd AES International Conference on Semantic Audio (AES 2014)},
      year = {2014},
      month = {1},
      pdf = {http://www.ifs.tuwien.ac.at/%7Emayer/publications/pdf/pag_aes14.pdf},
      }
  • Peter Fruehwirt and Sebastian Schrittwieser and Edgar R. Weippl, "Using machine learning techniques for traffic classification and preliminary surveying of an attackers profile," in International Conference on Privacy, Security, Risk and Trust, 2014. BibTeX | PDF
    @INPROCEEDINGS{Fruehwirt2014Using,
      Author = {Peter Fruehwirt and Sebastian Schrittwieser and {Edgar R.} Weippl},
      title = {Using machine learning techniques for traffic classification and preliminary surveying of an attackers profile},
      booktitle = {International Conference on Privacy, Security, Risk and Trust},
      year = {2014},
      month = {12},
      pdf = {using machine learning_paper.pdf},
      }
  • Shareeful Islam and Edgar R. Weippl and Katharina Krombholz, "A Decision Framework Model for Migration into Cloud: Business, Application, Security and Privacy Perspectives," in IIWAS 2014, 2014. BibTeX | PDF
    @INPROCEEDINGS{Islam2014Decision,
      Author = {Shareeful Islam and {Edgar R.} Weippl and Katharina Krombholz},
      title = {A Decision Framework Model for Migration into Cloud: Business, Application, Security and Privacy Perspectives},
      booktitle = {IIWAS 2014},
      year = {2014},
      month = {12},
      pdf = {09_iiwas_46.pdf},
      }
  • Bernhard Hoisl and Stefan Sobernig and Mark Strembeck, "Natural-Language Scenario Descriptions for Testing Core Language Models of Domain-specific Languages," in 2nd International Conference on Model-Driven Engineering and Software Development (MODELSWARD), 2014. BibTeX
    @INPROCEEDINGS{Hoisl2014NaturalLanguage,
      Author = {Bernhard Hoisl and Stefan Sobernig and Mark Strembeck},
      title = {Natural-Language Scenario Descriptions for Testing Core Language Models of Domain-specific Languages},
      booktitle = {2nd International Conference on Model-Driven Engineering and Software Development (MODELSWARD)},
      year = {2014},
      month = {1},
      }
  • Peter Fruehwirt and Peter Kieseberg and Edgar R. Weippl, "Testen der Integrität von Datenbanken mit Hilfe von Transaction-Logs," in ASQT, 2014. BibTeX
    @INPROCEEDINGS{Fruehwirt2014Testen,
      Author = {Peter Fruehwirt and Peter Kieseberg and {Edgar R.} Weippl},
      title = {Testen der Integrität von Datenbanken mit Hilfe von Transaction-Logs},
      booktitle = {ASQT},
      year = {2014},
      month = {9},
      }
  • Vesna Dimitrova and M. Kostadinovski and Z. Trajcheska and M. Petkovska and Damjan Buhov, "Some Cryptanalysis of the Block Cipher BCMPQ," in ICT Innovations 2014, 2014. BibTeX | PDF
    @INPROCEEDINGS{Dimitrova2014Some,
      Author = {Vesna Dimitrova and M. Kostadinovski and Z. Trajcheska and M. Petkovska and Damjan Buhov},
      title = {Some Cryptanalysis of the Block Cipher BCMPQ},
      booktitle = {ICT Innovations 2014},
      year = {2014},
      month = {9},
      pdf = {http://proceedings.ictinnovations.org/attachment/paper/306/some-cryptanalysis-of-the-block-cipher-bcmpq.pdf},
      }
  • Martina Lindorfer and Stamatis Volanis and Alessandro Sisto and Matthias Neugschwandtner and Elias Athanasopoulos and Federico Maggi and Christian Platzer and Stefano Zanero and Sotiris Ioannidis, "AndRadar: Fast Discovery of Android Applications in Alternative Markets," in DetectionProceedings of the 11th Conference on of Intrusions and Malware & Vulnerability Assessment (DIMVA), 2014. BibTeX | PDF
    @INPROCEEDINGS{Lindorfer2014AndRadar,
      Author = {Martina Lindorfer and Stamatis Volanis and Alessandro Sisto and Matthias Neugschwandtner and Elias Athanasopoulos and Federico Maggi and Christian Platzer and Stefano Zanero and Sotiris Ioannidis},
      title = {AndRadar: Fast Discovery of Android Applications in Alternative Markets},
      booktitle = {DetectionProceedings of the 11th Conference on of Intrusions and Malware & Vulnerability Assessment (DIMVA)},
      year = {2014},
      month = {7},
      pdf = {http://iseclab.org/papers/andradar_dimva14.pdf},
      }
  • Stefanie Falkner and Peter Kieseberg and Dimitris Simos and Christina Traxler and Edgar R. Weippl, "E-voting authentication with QR-codes," in 2nd International Conference on Human Aspects of Information Security, Privacy, and Trust, 2014. BibTeX | PDF
    @INPROCEEDINGS{Falkner2014Evoting,
      Author = {Stefanie Falkner and Peter Kieseberg and Dimitris Simos and Christina Traxler and {Edgar R.} Weippl},
      title = {E-voting authentication with QR-codes},
      booktitle = {2nd International Conference on Human Aspects of Information Security, Privacy, and Trust},
      year = {2014},
      month = {0},
      pdf = {evoting_final_HCI_2014.pdf},
      }
  • Maciej Piec and Andreas Rauber, "Real-time screen watermarking using overlaying layer," in International Workshop on Digital Forensics (WSDF), 2014. BibTeX | PDF
    @INPROCEEDINGS{Piec2014Realtime,
      Author = {Maciej Piec and Andreas Rauber},
      title = {Real-time screen watermarking using overlaying layer},
      booktitle = {International Workshop on Digital Forensics (WSDF)},
      year = {2014},
      month = {0},
      pdf = {Piec2014Realtime.pdf},
      }
  • Andreas Ekelhart and Bernhard Grill and Elmar Kiesling and Christine Strauss and Christian Stummer, "Komplexe Systeme, heterogene Angreifer und vielfältige Abwehrmechanismen: Simulationsbasierte Entscheidungsunterstützung im IT-Sicherheitsmanagement," in Lecture Notes in Informatics GI-Edition, 2014. BibTeX | PDF
    @INPROCEEDINGS{Ekelhart2014Komplexe,
      Author = {Andreas Ekelhart and Bernhard Grill and Elmar Kiesling and Christine Strauss and Christian Stummer},
      title = {Komplexe Systeme, heterogene Angreifer und vielfältige Abwehrmechanismen: Simulationsbasierte Entscheidungsunterstützung im IT-Sicherheitsmanagement},
      booktitle = {Lecture Notes in Informatics {GI-Edition}},
      year = {2014},
      month = {0},
      pdf = {Main.pdf},
      }
  • Kristian Beckers and Isabelle Cote and Stefan Fenz and Denis Hatebur and Maritta Heisel, "A Structured Comparison of Security Standard," in Advances in Engineering Secure Future Internet Services and Systems, 2014. BibTeX
    @INPROCEEDINGS{Beckers2014Structured,
      Author = {Kristian Beckers and Isabelle Cote and Stefan Fenz and Denis Hatebur and Maritta Heisel},
      title = {A Structured Comparison of Security Standard},
      booktitle = {Advances in Engineering Secure Future Internet Services and Systems},
      year = {2014},
      month = {0},
      }
  • Najd Ouhajjou and Wolfgang Loibl and Peter Palensky and Amin Anjomshoaa and Stefan Fenz and A Min Tjoa, "Robustness Against Data Availability Problems in Urban Energy Planning Support Software," in IEEE Eighth International Conference on Research Challenges in Information Science, 2014. BibTeX
    @INPROCEEDINGS{Ouhajjou2014Robustness,
      Author = {Najd Ouhajjou and Wolfgang Loibl and Peter Palensky and Amin Anjomshoaa and Stefan Fenz and {A Min} Tjoa},
      title = {Robustness Against Data Availability Problems in Urban Energy Planning Support Software},
      booktitle = {IEEE Eighth International Conference on Research Challenges in Information Science},
      year = {2014},
      month = {5},
      }
  • Johanna Ullrich and Katharina Krombholz and Heidelinde Hobel and Adrian Dabrowski and Edgar R. Weippl, "IPv6 Security: Attacks and Countermeasures in a Nutshell," in 8th USENIX Workshop on Offensive Technologies (WOOT), 2014. BibTeX | PDF | Slides
    @INPROCEEDINGS{Ullrich2014IPv6,
      Author = {Johanna Ullrich and Katharina Krombholz and Heidelinde Hobel and Adrian Dabrowski and {Edgar R.} Weippl},
      title = {IPv6 Security: Attacks and Countermeasures in a Nutshell},
      booktitle = {8th USENIX Workshop on Offensive Technologies (WOOT)},
      year = {2014},
      month = {8},
      pdf = {Johanna IPv6.pdf},
      link_slides = {http://de.slideshare.net/SBAResearch/ipv6-security-attacks-and-countermeasures-in-a-nutshell},
      }
  • Stefan Proell and Andreas Rauber, "A Scalable Framework for Dynamic Data Citation of Arbitrary Structured Data," in 3rd International Conference on Data Management Technologies and Applications (DATA2014), 2014. BibTeX | PDF
    @INPROCEEDINGS{Proell2014Scalable,
      Author = {Stefan Proell and Andreas Rauber},
      title = {A Scalable Framework for Dynamic Data Citation of Arbitrary Structured Data},
      booktitle = {3rd International Conference on Data Management Technologies and Applications (DATA2014)},
      year = {2014},
      month = {8},
      pdf = {Scalable Framework_paper.pdf},
      }
  • Yinzhi Cao and Yan Shoshitaishvili and Kevin Borgolte and Christopher Kruegel and Giovanni Vigna and Yan Chen, "Protecting Web-based Single Sign-on Protocols against Relying Party Impersonation Attacks through a Dedicated Bi-directional Authenticated Secure Channel," in 17th International Symposium on Research in Attacks, Intrusions and Defenses (RAID), 2014. BibTeX | PDF
    @INPROCEEDINGS{Cao2014Protecting,
      Author = {Yinzhi Cao and Yan Shoshitaishvili and Kevin Borgolte and Christopher Kruegel and Giovanni Vigna and Yan Chen},
      title = {Protecting Web-based Single Sign-on Protocols against Relying Party Impersonation Attacks through a Dedicated Bi-directional Authenticated Secure Channel},
      booktitle = {17th International Symposium on Research in Attacks, Intrusions and Defenses (RAID)},
      year = {2014},
      month = {9},
      pdf = {http://link.springer.com/chapter/10.1007/978-3-319-11379-1_14},
      }
  • Lisa Madlberger and Heidelinde Hobel and Andreas Thoeni and A Min Tjoa, "Analysing supplier locations using social and semantic data: a case study based on indonesian factories," in 14th International Conference on Knowledge Management and Data-driven Business, 2014. BibTeX | PDF
    @INPROCEEDINGS{Madlberger2014Analysing,
      Author = {Lisa Madlberger and Heidelinde Hobel and Andreas Thoeni and {A Min} Tjoa},
      title = {Analysing supplier locations using social and semantic data: a case study based on indonesian factories},
      booktitle = {14th International Conference on Knowledge Management and Data-driven Business},
      year = {2014},
      month = {9},
      pdf = {http://dl.acm.org/citation.cfm?id=2638418},
      }
  • Codruţ Stancu and Christian Wimmer and Stefan Brunthaler and Per Larsen and Michael Franz, "Comparing points-to static analysis with runtime recorded profiling data," in International Conference on Principles and Practices of Programming on the Java platform Virtual machines, Languages, and Tools (PPPJ 2014), 2014. BibTeX | PDF
    @INPROCEEDINGS{Stancu2014Comparing,
      Author = {Codruţ Stancu and Christian Wimmer and Stefan Brunthaler and Per Larsen and Michael Franz},
      title = {Comparing points-to static analysis with runtime recorded profiling data},
      booktitle = {International Conference on Principles and Practices of Programming on the Java platform Virtual machines, Languages, and Tools (PPPJ 2014)},
      year = {2014},
      month = {9},
      pdf = {pppj14.pdf},
      }
  • Wei Zhang and Per Larsen and Stefan Brunthaler and Michael Franz, "Accelerating iterators in optimizing AST interpreters," in 2014 ACM International Conference on Object Oriented Programming Systems Languages and Applications (OOPSLA 2014), 2014. BibTeX | PDF
    @INPROCEEDINGS{Zhang2014Accelerating,
      Author = {Wei Zhang and Per Larsen and Stefan Brunthaler and Michael Franz},
      title = {Accelerating iterators in optimizing AST interpreters},
      booktitle = {2014 ACM International Conference on Object Oriented Programming Systems Languages and Applications (OOPSLA 2014)},
      year = {2014},
      month = {10},
      pdf = {oopsla14.pdf},
      }
  • Amir Herzberg and Haya Shulman and Johanna Ullrich and Edgar R. Weippl, "Cloudoscopy: Services Discovery and Topology Mapping," in Proceedings of the ACM Cloud Computing Security Workshop (CCSW) at ACM CCS 2013, 2013. BibTeX | PDF
    @INPROCEEDINGS{cv_workshop_229_2013_Cloudoscopy_weippl,
      Author = {Amir Herzberg and Haya Shulman and Johanna Ullrich and {Edgar R.} Weippl},
      sbahotlist = {true},
      title = {Cloudoscopy: Services Discovery and Topology Mapping },
      booktitle = {Proceedings of the ACM Cloud Computing Security Workshop (CCSW) at ACM CCS 2013},
      year = {2013},
      month = {11},
      pdf = {cloud_final.pdf},
      }
  • Martina Lindorfer and Matthias Neumayr and Juan Caballero and Christian Platzer, "POSTER: Cross-Platform Malware: Write Once, Infect Everywhere," in 20th ACM Conference on Computer and Communications Security (CCS), 2013. BibTeX
    @INPROCEEDINGS{Lindorfer2013POSTER,
      Author = {Martina Lindorfer and Matthias Neumayr and Juan Caballero and Christian Platzer},
      sbahotlist = {true},
      title = {POSTER: Cross-Platform Malware: Write Once, Infect Everywhere},
      booktitle = {20th ACM Conference on Computer and Communications Security (CCS)},
      year = {2013},
      month = {11},
      }
  • Matthias Neugschwandtner and Martina Lindorfer and Christian Platzer, "A View To A Kill: WebView Exploitation," in 6th USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET), 2013. BibTeX
    @INPROCEEDINGS{Neugschwandtner2013View,
      Author = {Matthias Neugschwandtner and Martina Lindorfer and Christian Platzer},
      sbahotlist = {true},
      title = {A View To A Kill: WebView Exploitation},
      booktitle = {6th USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET)},
      year = {2013},
      month = {8},
      }
  • Neda Ghiassi and Ulrich Pont and Ferial Shayeganfar and Ardeshir Mahdavi and Stefan Fenz and Johannes Heurix and Amin Anjomshoaa and Thomas Neubauer and A Min Tjoa, "A comprehensive building model for performance-guided decision support," in 2nd Central European Symposium on Building Physics (CESBP 2013), 2013. BibTeX
    @INPROCEEDINGS{Ghiassi2013comprehensive,
      Author = {Neda Ghiassi and Ulrich Pont and Ferial Shayeganfar and Ardeshir Mahdavi and Stefan Fenz and Johannes Heurix and Amin Anjomshoaa and Thomas Neubauer and {A Min} Tjoa},
      title = {A comprehensive building model for performance-guided decision support},
      booktitle = {2nd Central European Symposium on Building Physics (CESBP 2013)},
      year = {2013},
      month = {9},
      }
  • Martin Schmiedecker and Philipp Reschl and Markus Huber and Manuel Leithner and Sebastian Schrittwieser and Edgar R. Weippl, "Fast and Reliable Browser Identification with JavaScript Engine Fingerprinting," in Web 2.0 Workshop on Security and Privacy (W2SP), 2013. BibTeX | PDF | Slides
    @INPROCEEDINGS{_Fast_and_Reliable_Browser_Iden_2013,
      Author = {Martin Schmiedecker and Philipp Reschl and Markus Huber and Manuel Leithner and Sebastian Schrittwieser and {Edgar R.} Weippl},
      title = {Fast and Reliable Browser Identification with JavaScript Engine Fingerprinting},
      booktitle = {Web 2.0 Workshop on Security and Privacy (W2SP)},
      year = {2013},
      month = {5},
      pdf = {jsfingerprinting.pdf},
      link_slides = {http://www.slideshare.net/SBAResearch/fast-and-efficient-browser-identification-with-javascript-engine-fingerprinting},
      }
  • Elmar Kiesling and Andreas Ekelhart and Bernhard Grill and Christine Strauss and Christian Stummer, "Simulation-based optimization of information security controls: An adversary-centric approach," in Proceedings of the Winter Simulation Conference 2013, 2013. BibTeX | PDF
    @INPROCEEDINGS{Kiesling_Simulation_based_optimization__2013,
      Author = {Elmar Kiesling and Andreas Ekelhart and Bernhard Grill and Christine Strauss and Christian Stummer},
      title = {Simulation-based optimization of information security controls: An adversary-centric approach},
      booktitle = {Proceedings of the Winter Simulation Conference 2013},
      year = {2013},
      month = {7},
      pdf = {WSC_2013_Moses3 - final.pdf},
      publisher = {R. Pasupathy and S.-H. Kim and A. Tolk and R. Hill and M.E. Kuhl},
      }
  • Patrick Gaubatz and Waldemar Hummer and Uwe Zdun and Mark Strembeck, "Supporting Customized Views for Enforcing Access Control Constraints in Real-time Collaborative Web Applications," in 13th International Conference on Web Engineering (ICWE), 2013. BibTeX
    @INPROCEEDINGS{Gaubatz2013Supporting,
      Author = {Patrick Gaubatz and Waldemar Hummer and Uwe Zdun and Mark Strembeck},
      title = {Supporting Customized Views for Enforcing Access Control Constraints in Real-time Collaborative Web Applications},
      booktitle = {13th International Conference on Web Engineering (ICWE)},
      year = {2013},
      month = {7},
      }
  • Sebastian Schrittwieser and Martin Schmiedecker and Edgar R. Weippl and Sandra Panhans, "Ethik in der Sicherheitsforschung," in DACH Security 2013, 2013. BibTeX | PDF
    @INPROCEEDINGS{Schrittwieser_Ethik_in_der_Sicherheitsforsch_2013,
      Author = {Sebastian Schrittwieser and Martin Schmiedecker and {Edgar R.} Weippl and Sandra Panhans},
      title = {Ethik in der Sicherheitsforschung},
      booktitle = {DACH Security 2013},
      year = {2013},
      month = {9},
      pdf = {DACH-Camera Ready.pdf},
      }
  • Elisabeth Weigl and Johannes Binder and Stephan Strodl and D. Draws and Andreas Rauber, "A Framework for Automated Verification in Software Escrow," in Proceedings of the 10th International Conference on Preservation of Digital Objects (IPRES 2013), 2013. BibTeX
    @INPROCEEDINGS{Weigl_A_Framework_for_Automated_Veri_2013,
      Author = {Elisabeth Weigl and Johannes Binder and Stephan Strodl and D. Draws and Andreas Rauber},
      title = {A Framework for Automated Verification in Software Escrow },
      booktitle = {Proceedings of the 10th International Conference on Preservation of Digital Objects (IPRES 2013)},
      year = {2013},
      month = {9},
      }
  • Thomas Unger and Martin Schmiedecker and Dominik Frühwirt and Markus Huber and Sebastian Schrittwieser and Edgar R. Weippl, "SHPF: Enhancing HTTP(S) Session Security with Browser Fingerprinting," in Proceedings of the Eighth International Conference on Availability, Reliability and Security (ARES), 2013. BibTeX | PDF | Slides | Src
    @INPROCEEDINGS{ARES_SHPF_short_2013,
      Author = {Thomas Unger and Martin Schmiedecker and Dominik Frühwirt and Markus Huber and Sebastian Schrittwieser and {Edgar R.} Weippl},
      title = {SHPF: Enhancing HTTP(S) Session Security with Browser Fingerprinting},
      booktitle = {Proceedings of the Eighth International Conference on Availability, Reliability and Security (ARES)},
      year = {2013},
      month = {9},
      pdf = {shpf_extendedPreprint.pdf},
      link_source = {https://github.com/mmulazzani/shpf},
      link_slides = {http://www.slideshare.net/SBAResearch/shpf-enhancing-https-session-security-with-browser-fingerprinting},
      }
  • Tomasz Miksa and Ricardo Vieira and Andreas Rauber and Stefan Proell and Stephan Strodl and Rose Barateiro, "Framework for Verification of Preserved and Redeployed Processes," in Proceedings of the 10th International Conference on Digital Preservation (iPRES2013)., 2013. BibTeX
    @INPROCEEDINGS{verification2013,
      Author = {Tomasz Miksa and Ricardo Vieira and Andreas Rauber and Stefan Proell and Stephan Strodl and Rose Barateiro},
      title = {Framework for Verification of Preserved and Redeployed Processes},
      booktitle = {Proceedings of the 10th International Conference on Digital Preservation (iPRES2013). },
      year = {2013},
      month = {9},
      }
  • Najd Ouhajjou and Peter Palensky and M. Stifter and J. Page and Stefan Fenz and A Min Tjoa, "A modular methodology for the development of urban energy planning support software," in 39th Annual Conference of the IEEE Industrial Electronics Society (IECON 2013), 2013. BibTeX
    @INPROCEEDINGS{Ouhajjou2013modular,
      Author = {Najd Ouhajjou and Peter Palensky and M. Stifter and J. Page and Stefan Fenz and {A Min} Tjoa},
      title = {A modular methodology for the development of urban energy planning support software},
      booktitle = { 39th Annual Conference of the IEEE Industrial Electronics Society (IECON 2013)},
      year = {2013},
      month = {9},
      }
  • Nicolas Sendrier and Dimitris Simos, "How easy is code equivalence over Fq," in Proceedings of the 8th International Workshop on Coding Theory and Cryptography WCC 2013, 2013, pp. 80-92. BibTeX | PDF
    @INPROCEEDINGS{_How_easy_is_code_equivalence_o_2013,
      Author = {Nicolas Sendrier and Dimitris Simos},
      title = {How easy is code equivalence over Fq},
      booktitle = {Proceedings of the 8th International Workshop on Coding Theory and Cryptography WCC 2013},
      year = {2013},
      month = {4},
      pdf = {codeq3_wccfin.pdf},
      pages = {80--92},
      }
  • Stephan Strodl and Rudolf Mayer and D. Draws and Andreas Rauber and Gonccalo Antunes, "Digital Preservation of a Process and its Application to e-Science Experiments," in Proceedings of the 10th International Conference on Preservation of Digital Objects (IPRES 2013), 2013. BibTeX
    @INPROCEEDINGS{Strodl_Digital_Preservation_of_a_Proc_2013,
      Author = {Stephan Strodl and Rudolf Mayer and D. Draws and Andreas Rauber and Gonccalo Antunes},
      title = {Digital Preservation of a Process and its Application to e-Science Experiments },
      booktitle = {Proceedings of the 10th International Conference on Preservation of Digital Objects (IPRES 2013)},
      year = {2013},
      month = {9},
      }
  • Stefan Sobernig and Bernhard Hoisl and Mark Strembeck, "Requirements driven Testing of Domain-specific Core Language Models using Scenarios," in Proceedings of the 13th International Conference on Quality Software, 2013. BibTeX | PDF
    @INPROCEEDINGS{Sobernig_Requirements_driven_Testing_of_2013,
      Author = {Stefan Sobernig and Bernhard Hoisl and Mark Strembeck},
      title = {Requirements driven Testing of Domain-specific Core Language Models using Scenarios},
      booktitle = {Proceedings of the 13th International Conference on Quality Software},
      year = {2013},
      month = {7},
      pdf = {Requirements driven testing.pdf},
      }
  • Adrian Dabrowski and Edgar R. Weippl and Isao Echizen, "Framework based on Privacy Policy Hiding for Preventing Unauthorized Face Image Processing," in Proceedings of the 2013 IEEE International Conference on Systems, Man, and Cybernetics (SMC2013), 2013. BibTeX
    @INPROCEEDINGS{Dabrowski2013Framework,
      Author = {Adrian Dabrowski and {Edgar R.} Weippl and Isao Echizen},
      title = {Framework based on Privacy Policy Hiding for Preventing Unauthorized Face Image Processing},
      booktitle = {Proceedings of the 2013 IEEE International Conference on Systems, Man, and Cybernetics (SMC2013)},
      year = {2013},
      month = {10},
      }
  • Stefan Proell and Andreas Rauber, "Scalable Data Citation in Dynamic Large Databases: Model and Reference Implementation," in IEEE International Conference on Big Data 2013 (IEEE BigData 2013), 2013. BibTeX
    @INPROCEEDINGS{proellBigData,
      Author = {Stefan Proell and Andreas Rauber},
      title = {Scalable Data Citation in Dynamic Large Databases: Model and Reference Implementation},
      booktitle = {IEEE International Conference on Big Data 2013 (IEEE BigData 2013)},
      year = {2013},
      month = {10},
      }
  • Stefan Sobernig and Mark Strembeck and A. Beck, "Developing a Domain-specific Language for Scheduling in the European Energy Sector," in 6th International Conference on Software Language Engineering (SLE), 2013. BibTeX
    @INPROCEEDINGS{Sobernig2013Developing,
      Author = {Stefan Sobernig and Mark Strembeck and A. Beck},
      title = {Developing a Domain-specific Language for Scheduling in the European Energy Sector},
      booktitle = {6th International Conference on Software Language Engineering (SLE)},
      year = {2013},
      month = {10},
      }
  • Dawid Wolosiuk and Neda Ghiassi and Ulrich Pont and Ferial Shayeganfar and Ardeshir Mahdavi and Stefan Fenz and Johannes Heurix and Amin Anjomshoaa and A Min Tjoa, "SEMERGY: Performance-Guided Building Design and Refurbishment within a Semantically Augmented Optimization Environment," in enviBUILD 2013 – Buildings and Environment, 2013. BibTeX
    @INPROCEEDINGS{Wolosiuk2013SEMERGY,
      Author = {Dawid Wolosiuk and Neda Ghiassi and Ulrich Pont and Ferial Shayeganfar and Ardeshir Mahdavi and Stefan Fenz and Johannes Heurix and Amin Anjomshoaa and {A Min} Tjoa},
      title = {SEMERGY: Performance-Guided Building Design and Refurbishment within a Semantically Augmented Optimization Environment},
      booktitle = {enviBUILD 2013 - Buildings and Environment},
      year = {2013},
      month = {10},
      }
  • Maria Leitner and Sigrid Schefer Wenzl and Stefanie Rinderle-Ma and Mark Strembeck, "An Experimental Study on the Design and Modeling of Security Concepts in Business Processes," in 6th IFIP WG 8.1 Working Conference on the Practice of Enterprice Modeling (PoEM), 2013. BibTeX
    @INPROCEEDINGS{Leitner2013Experimental,
      Author = {Maria Leitner and Sigrid Schefer Wenzl and Stefanie Rinderle-Ma and Mark Strembeck},
      title = {An Experimental Study on the Design and Modeling of Security Concepts in Business Processes},
      booktitle = {6th {IFIP} {WG} 8.1 Working Conference on the Practice of Enterprice Modeling (PoEM)},
      year = {2013},
      month = {11},
      }
  • Katharina Krombholz and Heidelinde Hobel and Markus Huber and Edgar R. Weippl, "Social engineering attacks on the knowledge worker," in Proceedings of the 6th International Conference on Security of Information and Networks, 2013, pp. 28-35. BibTeX | PDF
    @INPROCEEDINGS{Krombholz2013Social,
      Author = {Katharina Krombholz and Heidelinde Hobel and Markus Huber and {Edgar R.} Weippl},
      title = {Social engineering attacks on the knowledge worker},
      booktitle = {Proceedings of the 6th International Conference on Security of Information and Networks},
      year = {2013},
      month = {11},
      pdf = {sig-alternate.pdf},
      pages = {28--35},
      publisher = {ACM},
      }
  • Martina Lindorfer and Bernhard Miller and Matthias Neugschwandtner and Christian Platzer, "Take a Bite – Finding the Worm in the Apple," in Proceedings of the 9th International Conference on Information, Communications and Signal Processing (ICICS), 2013. BibTeX | PDF
    @INPROCEEDINGS{Lindorfer2013Take,
      Author = {Martina Lindorfer and Bernhard Miller and Matthias Neugschwandtner and Christian Platzer},
      title = {Take a Bite - Finding the Worm in the Apple},
      booktitle = {Proceedings of the 9th International Conference on Information, Communications and Signal Processing (ICICS)},
      year = {2013},
      month = {12},
      pdf = {http://iseclab.org/people/mlindorfer/macmal_icics13.pdf},
      }
  • Christoph Kerschbaumer and Eric Hennigan and Per Larsen and Stefan Brunthaler and Michael Franz, "CrowdFlow: Efficient Information Flow Security," in 16th Information Security Conference (ISC 2013), 2013. BibTeX | PDF
    @INPROCEEDINGS{Kerschbaumer2013CrowdFlow,
      Author = {Christoph Kerschbaumer and Eric Hennigan and Per Larsen and Stefan Brunthaler and Michael Franz},
      title = {CrowdFlow: Efficient Information Flow Security},
      booktitle = {16th Information Security Conference (ISC 2013)},
      year = {2013},
      month = {11},
      pdf = {isc13.pdf},
      }
  • Elmar Kiesling and Andreas Ekelhart and Bernhard Grill and Christine Strauss and Christian Stummer, "Simulation based optimization of IT security controls: Initial experiences with metaheuristic solution procedures," in 14th EU ME Workshop, 2013. BibTeX | PDF
    @INPROCEEDINGS{_Simulation_based_optimization__2013,
      Author = {Elmar Kiesling and Andreas Ekelhart and Bernhard Grill and Christine Strauss and Christian Stummer},
      title = {Simulation based optimization of IT security controls: Initial experiences with metaheuristic solution procedures},
      booktitle = {14th EU ME Workshop},
      year = {2013},
      month = {3},
      pdf = {EU-ME Extended Abstract.pdf},
      }
  • Markus Huber and Martin Schmiedecker and Sebastian Schrittwieser and Edgar R. Weippl, "Appinspect: large-scale evaluation of social networking apps," in Proceedings of the first ACM conference on Online social networks, 2013, pp. 143-154. BibTeX | PDF | Slides
    @INPROCEEDINGS{huber2013appinspect,
      Author = {Markus Huber and Martin Schmiedecker and Sebastian Schrittwieser and {Edgar R.} Weippl},
      title = {Appinspect: large-scale evaluation of social networking apps},
      booktitle = {Proceedings of the first ACM conference on Online social networks},
      year = {2013},
      month = {10},
      pdf = {AppInspect_peprint.pdf},
      pages = {143--154},
      publisher = {ACM},
      link_slides = {http://cosn.acm.org/2013/files/Session6/Session6Paper1.pdf},
      }
  • Andrei Homescu and Steven Neisius and Per Larsen and Stefan Brunthaler and Michael Franz, "Profile-guided automated software diversity," in 2013 IEEE ACM International Symposium on Code Generation and Optimization (CGO), 2013. BibTeX | PDF
    @INPROCEEDINGS{Homescu2013Profileguided,
      Author = {Andrei Homescu and Steven Neisius and Per Larsen and Stefan Brunthaler and Michael Franz},
      title = {Profile-guided automated software diversity},
      booktitle = {2013 IEEE ACM International Symposium on Code Generation and Optimization (CGO)},
      year = {2013},
      month = {2},
      pdf = {cgo13.pdf},
      }
  • Elmar Kiesling and Andreas Ekelhart and Bernhard Grill and Christine Strauss and Christian Stummer, "Multi objective decision support for IT security control selection," in 26th European Conference on Operational Research (EURO 2013), 2013. BibTeX
    @INPROCEEDINGS{_Multi_objective_decision_suppo_2013,
      Author = {Elmar Kiesling and Andreas Ekelhart and Bernhard Grill and Christine Strauss and Christian Stummer},
      title = {Multi objective decision support for IT security control selection},
      booktitle = {26th European Conference on Operational Research (EURO 2013)},
      year = {2013},
      month = {7},
      }
  • Heidelinde Hobel and Johannes Heurix and Amin Anjomshoaa and Edgar R. Weippl, "Towards Security-Enhanced and Privacy-Preserving Mashup Compositions," in Security and Privacy Protection in Information Processing Systems, 2013, pp. 286-299. BibTeX
    @INPROCEEDINGS{hobel2013towards,
      Author = {Heidelinde Hobel and Johannes Heurix and Amin Anjomshoaa and {Edgar R.} Weippl},
      title = {Towards Security-Enhanced and Privacy-Preserving Mashup Compositions},
      booktitle = {Security and Privacy Protection in Information Processing Systems},
      year = {2013},
      month = {7},
      pages = {286--299},
      publisher = {Springer},
      }
  • Tomasz Miksa and Stefan Proell and Rudolf Mayer and Stephan Strodl and Ricardo Vieira and Jose Barateiro and Andreas Rauber, "Framework for verification of preserved and redeployed processes," in 10th International Conference on Preservation of Digital Objects (IPRES2013), 2013. BibTeX
    @INPROCEEDINGS{Miksa2013Framework,
      Author = {Tomasz Miksa and Stefan Proell and Rudolf Mayer and Stephan Strodl and Ricardo Vieira and Jose Barateiro and Andreas Rauber},
      title = {Framework for verification of preserved and redeployed processes},
      booktitle = {10th International Conference on Preservation of Digital Objects (IPRES2013)},
      year = {2013},
      month = {9},
      }
  • Marzieh Bakhshandeh and Goncalo Antunes and Rudolf Mayer and Jose Borbinha and Artur Caetano, "A modular ontology for the enterprise architecture domain," in 8th International Workshop on Vocabularies, Ontologies and Rules for the Enterprise and Beyond (VORTE 2013), 2013. BibTeX | PDF
    @INPROCEEDINGS{Bakhshandeh2013modular,
      Author = {Marzieh Bakhshandeh and Goncalo Antunes and Rudolf Mayer and Jose Borbinha and Artur Caetano},
      title = {A modular ontology for the enterprise architecture domain},
      booktitle = {8th International Workshop on Vocabularies, Ontologies and Rules for the Enterprise and Beyond (VORTE 2013)},
      year = {2013},
      month = {9},
      pdf = {http://www.ifs.tuwien.ac.at/%7Emayer/publications/pdf/bak_vorte13.pdf},
      }
  • Rudolf Mayer and Stefan Proell and Andreas Rauber and Raul Palma and Daniel Garijo, "Tutorial From Preserving Data to Preserving Research: Curation of Process and Context," in 17th International Conference on Theory and Practice of Digital Libraries (TPDL 2013), 2013. BibTeX | PDF
    @INPROCEEDINGS{Mayer2014Tutorial,
      Author = {Rudolf Mayer and Stefan Proell and Andreas Rauber and Raul Palma and Daniel Garijo},
      title = {Tutorial From Preserving Data to Preserving Research: Curation of Process and Context},
      booktitle = {17th International Conference on Theory and Practice of Digital Libraries (TPDL 2013)},
      year = {2013},
      month = {9},
      pdf = {http://www.ifs.tuwien.ac.at/%7Emayer/publications/pdf/may_tpdl13tutorial.pdf},
      }
  • Rudolf Mayer and Mark Guttenbrunner and Andreas Rauber, "Evaluation of preserved scientific processes," in 17th International Conference on Theory and Practice of Digital Libraries (TPDL 2013), 2013. BibTeX | PDF
    @INPROCEEDINGS{Mayer2014Evaluation,
      Author = {Rudolf Mayer and Mark Guttenbrunner and Andreas Rauber},
      title = {Evaluation of preserved scientific processes},
      booktitle = {17th International Conference on Theory and Practice of Digital Libraries (TPDL 2013)},
      year = {2013},
      month = {9},
      pdf = {http://www.ifs.tuwien.ac.at/%7Emayer/publications/pdf/may_tpdl13.pdf},
      }
  • Aleksandar Hudic and E. Revell and Dimitris Simos, "A Generation Method of Cryptographic Keys for Enterprise Communication Systems," in Proceedings of the 8th International Workshop on Frontiers in Availability, Reliability, and Security (FARES 2013), held in conjuction with ARES 2013: 8th International Conference on Availability, Reliability and Security, 2013. BibTeX
    @INPROCEEDINGS{Hudic2013Generation,
      Author = {Aleksandar Hudic and E. Revell and Dimitris Simos},
      title = {A Generation Method of Cryptographic Keys for Enterprise Communication Systems},
      booktitle = {Proceedings of the 8th International Workshop on Frontiers in Availability, Reliability, and Security (FARES 2013), held in conjuction with ARES 2013: 8th International Conference on Availability, Reliability and Security},
      year = {2013},
      month = {9},
      }
  • Maria Leitner and Michelle Miller and Stefanie Rinderle-Ma, "An Analysis and Evaluation of Security Aspects in the Business Process Model and Notation," in 2013 Eighth International Conference on Availability, Reliability and Security (ARES), 2013. BibTeX
    @INPROCEEDINGS{Leitner2013Analysis,
      Author = {Maria Leitner and Michelle Miller and Stefanie Rinderle-Ma},
      title = {An Analysis and Evaluation of Security Aspects in the Business Process Model and Notation},
      booktitle = {2013 Eighth International Conference on Availability, Reliability and Security (ARES)},
      year = {2013},
      month = {9},
      }
  • Andrei Homescu and Stefan Brunthaler and Per Larsen and Michael Franz, "Librando: Transparent Code Randomization for Just-in-Time Compilers," in 2013 ACM SIGSAC Conference on Computer and Communications Security (CSS 2013), 2013. BibTeX | PDF
    @INPROCEEDINGS{Homescu2013librando,
      Author = {Andrei Homescu and Stefan Brunthaler and Per Larsen and Michael Franz},
      title = {librando: Transparent Code Randomization for Just-in-Time Compilers},
      booktitle = {2013 ACM SIGSAC Conference on Computer and Communications Security (CSS 2013)},
      year = {2013},
      month = {9},
      pdf = {ccs13.pdf},
      }
  • Gülfem Savrun-Yeniçeri and Wei Zhang and Huahan Zhang and Chen Li and Stefan Brunthaler and Per Larsen and Michael Franz, "Efficient interpreter optimizations for the JVM," in International Conference on Principles and Practices of Programming on the Java Platform: Virtual Machines, Languages, and Tools, 2013. BibTeX | PDF
    @INPROCEEDINGS{SavrunYeniceri2013Efficient,
      Author = {Gülfem Savrun-Yeniçeri and Wei Zhang and Huahan Zhang and Chen Li and Stefan Brunthaler and Per Larsen and Michael Franz},
      title = {Efficient interpreter optimizations for the JVM},
      booktitle = {International Conference on Principles and Practices of Programming on the Java Platform: Virtual Machines, Languages, and Tools},
      year = {2013},
      month = {9},
      pdf = {pppj13.pdf},
      }
  • Neda Ghiassi and Ulrich Pont and Ferial Shayeganfar and Ardeshir Mahdavi and Stefan Fenz and Johannes Heurix and Amin Anjomshoaa and Thomas Neubauer and A Min Tjoa, "Multi-objective optimization in the SEMERGY environment for sustainable building design and retrofit," in 2nd Central European Symposium on Building Physics (CESBP 2013), 2013. BibTeX
    @INPROCEEDINGS{Ghiassi2013Multiobjective,
      Author = {Neda Ghiassi and Ulrich Pont and Ferial Shayeganfar and Ardeshir Mahdavi and Stefan Fenz and Johannes Heurix and Amin Anjomshoaa and Thomas Neubauer and {A Min} Tjoa},
      title = {Multi-objective optimization in the SEMERGY environment for sustainable building design and retrofit},
      booktitle = {2nd Central European Symposium on Building Physics (CESBP 2013)},
      year = {2013},
      month = {9},
      }
  • Stefan Proell and Andreas Rauber, "Citable by Design A Model for Making Data in Dynamic Environments Citable," in 2nd International Conference on Data Management Technologies and Applications (DATA2013), 2013. BibTeX
    @INPROCEEDINGS{proellData2013,
      Author = {Stefan Proell and Andreas Rauber},
      title = {Citable by Design A Model for Making Data in Dynamic Environments Citable},
      booktitle = {2nd International Conference on Data Management Technologies and Applications (DATA2013)},
      year = {2013},
      month = {7},
      }
  • Ulrich Pont and Ferial Shayeganfar and Neda Ghiassi and Mahnameh Taheri and Christian Sustr and Ardeshir Mahdavi and Johannes Heurix and Stefan Fenz and Amin Anjomshoaa and Thomas Neubauer and A Min Tjoa, "Recent advances in SEMERGY: A semantically enriched optimization environment for performance-guided building design and refurbishment," in Proceedings of the 2nd Central European Symposium on Building Physics, 2013. BibTeX
    @INPROCEEDINGS{Pont2013Recent,
      Author = {Ulrich Pont and Ferial Shayeganfar and Neda Ghiassi and Mahnameh Taheri and Christian Sustr and Ardeshir Mahdavi and Johannes Heurix and Stefan Fenz and Amin Anjomshoaa and Thomas Neubauer and {A Min} Tjoa},
      title = {Recent advances in SEMERGY: A semantically enriched optimization environment for performance-guided building design and refurbishment},
      booktitle = {Proceedings of the 2nd Central European Symposium on Building Physics},
      year = {2013},
      month = {9},
      }
  • Sebastian Schrittwieser and Stefan Katzenbeisser and Peter Kieseberg and Markus Huber and Manuel Leithner and Martin Schmiedecker and Edgar R. Weippl, "Covert Computation – Hiding Code in Code for Obfuscation Purposes," in Proceedings of the 8th International Symposium on ACM Symposium on Information , Computer and Communications Security (ASIACCS 2013), 2013. BibTeX | PDF
    @INPROCEEDINGS{schrittwieser-covertcomputation-2013,
      Author = {Sebastian Schrittwieser and Stefan Katzenbeisser and Peter Kieseberg and Markus Huber and Manuel Leithner and Martin Schmiedecker and {Edgar R.} Weippl},
      title = {Covert Computation - Hiding Code in Code for Obfuscation Purposes},
      booktitle = {Proceedings of the 8th International Symposium on ACM Symposium on Information , Computer and Communications Security (ASIACCS 2013)},
      year = {2013},
      month = {5},
      pdf = {p529-schrittwieser.pdf},
      }
  • Sebastian Schrittwieser and Martin Schmiedecker and Edgar R. Weippl, "Ethics in Security Research – Which Lines Should Not Be Crossed?," in Cyber-security Research Ethics Dialog & Strategy Workshop (CREDS 2013), 2013. BibTeX | PDF
    @INPROCEEDINGS{schrittwieser-ethics-2013,
      Author = {Sebastian Schrittwieser and Martin Schmiedecker and {Edgar R.} Weippl},
      title = {Ethics in Security Research - Which Lines Should Not Be Crossed?},
      booktitle = {Cyber-security Research Ethics Dialog & Strategy Workshop (CREDS 2013)},
      year = {2013},
      month = {5},
      pdf = {creds2013_preprint.pdf},
      }
  • Stefan Fenz and Thomas Neubauer and Rafael Accorsi and Thomas Koslowski, "FORISK: Formalizing Information Security Risk and Compliance Management," in International Conference on Dependable Systems and Networks (DSN 2013), 2013. BibTeX
    @INPROCEEDINGS{Fenz2013FORISK,
      Author = {Stefan Fenz and Thomas Neubauer and Rafael Accorsi and Thomas Koslowski},
      title = {FORISK: Formalizing Information Security Risk and Compliance Management},
      booktitle = {International Conference on Dependable Systems and Networks (DSN 2013)},
      year = {2013},
      month = {6},
      }
  • Goncalo Antunes and Artur Caetano and Marzieh Bakhshandeh and Rudolf Mayer and Jose Borbinha, "Using ontologies to integrate multiple enterprise architecture domains," in the 4th Workshop on Business and IT Alignment (BITA 2013), 2013. BibTeX | PDF
    @INPROCEEDINGS{Antunes2013Using,
      Author = {Goncalo Antunes and Artur Caetano and Marzieh Bakhshandeh and Rudolf Mayer and Jose Borbinha},
      title = {Using ontologies to integrate multiple enterprise architecture domains},
      booktitle = {the 4th Workshop on Business and IT Alignment (BITA 2013)},
      year = {2013},
      month = {6},
      pdf = {http://www.ifs.tuwien.ac.at/%7Emayer/publications/pdf/ant_bita13.pdf},
      }
  • Sigrid Schefer Wenzl and Stefan Sobernig and Mark Strembeck, "Evaluating a UML-based Modeling Framework for Process-related Security Properties: A Qualitative Multi-Method Study," in 21st European Conference on Information Systems (ECIS), 2013. BibTeX
    @INPROCEEDINGS{Wenzl2013Evaluating,
      Author = {Sigrid Schefer Wenzl and Stefan Sobernig and Mark Strembeck},
      title = {Evaluating a UML-based Modeling Framework for Process-related Security Properties: A Qualitative Multi-Method Study},
      booktitle = {21st European Conference on Information Systems (ECIS)},
      year = {2013},
      month = {6},
      }
  • Ferial Shayeganfar and Amin Anjomshoaa and Johannes Heurix and Christian Sustr and Neda Ghiassi and Ulrich Pont and Stefan Fenz and Thomas Neubauer and A Min Tjoa and Ardeshir Mahdavi, "An ontology-aided Optimization Approach to Eco-Efficient Building Design," in 13th International Conference of the International Building Performance Simulation Association, 2013. BibTeX
    @INPROCEEDINGS{Shayeganfar2013ontologyaided,
      Author = {Ferial Shayeganfar and Amin Anjomshoaa and Johannes Heurix and Christian Sustr and Neda Ghiassi and Ulrich Pont and Stefan Fenz and Thomas Neubauer and {A Min} Tjoa and Ardeshir Mahdavi},
      title = {An ontology-aided Optimization Approach to Eco-Efficient Building Design},
      booktitle = {13th International Conference of the International Building Performance Simulation Association},
      year = {2013},
      month = {8},
      }
  • Nicolas Sendrier and Dimitris Simos, "The Hardness of Code Equivalence over Fq and its Application to Code-based Cryptography," in Post quantum cryptography PQCrypto, 2013. BibTeX | PDF
    @INPROCEEDINGS{_The_Hardness_of_Code_Equivalen_2013,
      Author = {Nicolas Sendrier and Dimitris Simos},
      title = {The Hardness of Code Equivalence over Fq and its Application to Code-based Cryptography},
      booktitle = {Post quantum cryptography PQCrypto},
      year = {2013},
      month = {6},
      pdf = {codeqapp3_pqcrypto_fin.pdf},
      }
  • T. Quirchmayr and Mark Strembeck, "On the Impact of Concurrency for the Enforcement of Entailment Constraints in Process-driven SOAs," in 10th International Workshop on Security in Information Systems (WOSIS), 2013. BibTeX
    @INPROCEEDINGS{Quirchmayr2013Impact,
      Author = {T. Quirchmayr and Mark Strembeck},
      title = {On the Impact of Concurrency for the Enforcement of Entailment Constraints in Process-driven SOAs},
      booktitle = {10th International Workshop on Security in Information Systems (WOSIS)},
      year = {2013},
      month = {7},
      }
  • Christos Koukouvinos and Dimitris Simos and Zafeirakis Zafeirakopoulos, "A Grobner Bases Method for Complementary Sequences," in Proceedings of the 19th Conference on Applications of Computer Algebra, 2013, pp. 255-259. BibTeX
    @INPROCEEDINGS{KSZ2013ACA,
      Author = {Christos Koukouvinos and Dimitris Simos and Zafeirakis Zafeirakopoulos},
      title = {A Grobner Bases Method for Complementary Sequences},
      booktitle = {Proceedings of the 19th Conference on Applications of Computer Algebra},
      year = {2013},
      month = {7},
      pages = {255--259},
      }
  • Stefan Proell and Andreas Rauber, "BoF Session on Data Citation." 2013. BibTeX
    @INPROCEEDINGS{Proll2013BoF,
      Author = {Stefan Proell and Andreas Rauber},
      title = {BoF Session on Data Citation},
      year = {2013},
      month = {3},
      note = {Research Data Alliance - Launch and First Plenary},
      }
  • Stephen Crane and Per Larsen and Stefan Brunthaler and Michael Franz, "Booby trapping software," in 2013 New security paradigms Workshop (NSPW 2013), 2013. BibTeX | PDF
    @INPROCEEDINGS{Crane2013Booby,
      Author = {Stephen Crane and Per Larsen and Stefan Brunthaler and Michael Franz},
      title = {Booby trapping software},
      booktitle = {2013 New security paradigms Workshop (NSPW 2013)},
      year = {2013},
      month = {9},
      pdf = {nspw13.pdf},
      }
  • A. Cuzzocrea and C. Kittl and Dimitris Simos and Edgar R. Weippl and L. Xu, "Security Engineering and Intelligence Informatics, CD-ARES 2013 Workshops: MoCrySEn and SeCIHD," in Lecture Notes in Computer Science, 2013. BibTeX
    @INPROCEEDINGS{Cuzzocrea2013Security,
      Author = {A. Cuzzocrea and C. Kittl and Dimitris Simos and {Edgar R.} Weippl and L. Xu},
      title = {Security Engineering and Intelligence Informatics, CD-ARES 2013 Workshops: MoCrySEn and SeCIHD},
      booktitle = {Lecture Notes in Computer Science},
      year = {2013},
      month = {0},
      }
  • Kathrin Figl and Agnes Koschmider and Simone Kriglstein, "Visualising Process Model Hierarchies," in European Conference on Information Systems (ECIS), 2013. BibTeX
    @INPROCEEDINGS{Figl_Visualising_Process_Model_Hier_2013,
      Author = {Kathrin Figl and Agnes Koschmider and Simone Kriglstein},
      title = {Visualising Process Model Hierarchies},
      booktitle = {European Conference on Information Systems (ECIS)},
      year = {2013},
      month = {0},
      publisher = {Springer},
      }
  • Bernhard Hoisl and Stefan Sobernig and Mark Strembeck, "Higher-Order Rewriting of Model-to-Text Templates for Integrating Domain-specific Modeling Languages," in International Conference on Model-Driven Engineering and Software Development (MODELSWARD), 2013. BibTeX | PDF
    @INPROCEEDINGS{_Higher_Order_Rewriting_of_Mode_2013,
      Author = {Bernhard Hoisl and Stefan Sobernig and Mark Strembeck},
      title = {Higher-Order Rewriting of Model-to-Text Templates for Integrating Domain-specific Modeling Languages},
      booktitle = {International Conference on Model-Driven Engineering and Software Development (MODELSWARD)},
      year = {2013},
      month = {2},
      pdf = {modelsward13.pdf},
      }
  • Maria Leitner, "Delta Analysis of Role-based Access Control Models," in 14th International Conference on Computer Aided Systems Theory (EUROCAST 2013), 2013. BibTeX
    @INPROCEEDINGS{Leitner2013Delta,
      Author = {Maria Leitner},
      title = {Delta Analysis of Role-based Access Control Models},
      booktitle = {14th International Conference on Computer Aided Systems Theory (EUROCAST 2013)},
      year = {2013},
      month = {2},
      }
  • Martin Schmiedecker and Sebastian Neuner and Peter Kieseberg and Markus Huber and Sebastian Schrittwieser and Edgar R. Weippl, "Quantifying Windows File Slack in Size and Stability," in Ninth Annual IFIP WG 11.9 International Conference on Digital Forensics, 2013. BibTeX | PDF | Slides | Data
    @INPROCEEDINGS{Mulazzani_Slackspace_Quantifiation_2013,
      Author = {Martin Schmiedecker and Sebastian Neuner and Peter Kieseberg and Markus Huber and Sebastian Schrittwieser and {Edgar R.} Weippl},
      title = {Quantifying Windows File Slack in Size and Stability},
      booktitle = {Ninth Annual IFIP WG 11.9 International Conference on Digital Forensics},
      year = {2013},
      month = {1},
      pdf = {ifipSlack_2013_preprint.pdf},
      link_data = {http://128.130.204.91/slackspaceDataset.7z},
      link_slides = {http://www.slideshare.net/SBAResearch/quantifying-windows-file-slack-in-size-and-stability},
      }
  • Maria Leitner and Anne Baumgrass and Sigrid Schefer Wenzl and Stefanie Rinderle-Ma and Mark Strembeck, "A Case Study on the Suitability of Process Mining to Produce Current-State RBAC Models," in BPM Business Process Management Workshops, 2013, pp. 719-724. BibTeX | PDF
    @INPROCEEDINGS{leitner_case_2013,
      Author = {Maria Leitner and Anne Baumgrass and Sigrid Schefer Wenzl and Stefanie Rinderle-Ma and Mark Strembeck},
      title = {A Case Study on the Suitability of Process Mining to Produce Current-State {RBAC} Models},
      booktitle = {BPM Business Process Management Workshops},
      year = {2013},
      month = {1},
      abstract = {Role based access control RBAC is commonly used to implement authorization procedures in Process aware information systems PAIS. Process mining refers to a bundle of algorithms that typically discover process models from event log data produced during the execution of realworld processes.},
      pdf = {Leitner_SBP2012.pdf},
      number = {132},
      pages = {719-724},
      publisher = {Springer Berlin Heidelberg},
      }
  • Bernhard Hoisl, "TOWARDS TESTING THE INTEGRATION OF MOF UML BASED DOMAIN SPECIFIC MODELING LANGUAGES," in Proceedings of the 8th IASTED International Conference on Advances in Computer Science, 2013, pp. 314-323. BibTeX
    @INPROCEEDINGS{Hoisl_TOWARDS_TESTING_THE_INTEGRATIO_2013,
      Author = {Bernhard Hoisl},
      title = {TOWARDS TESTING THE INTEGRATION OF MOF UML BASED DOMAIN SPECIFIC MODELING LANGUAGES},
      booktitle = {Proceedings of the 8th IASTED International Conference on Advances in Computer Science},
      year = {2013},
      month = {0},
      pages = {314-323},
      publisher = {ACTA Press},
      }
  • Simone Kriglstein and Stefanie Rinderle-Ma and Günter Wallner, "A Visualization Approach for Difference Analysis of Process Models and Instance Traffic," in Int l Conference on Business Process Management (BPM), 2013. BibTeX
    @INPROCEEDINGS{Kriglstein_A_Visualization_Approach_for_D_2013,
      Author = {Simone Kriglstein and Stefanie Rinderle-Ma and Günter Wallner},
      title = {A Visualization Approach for Difference Analysis of Process Models and Instance Traffic},
      booktitle = {Int l Conference on Business Process Management (BPM)},
      year = {2013},
      month = {0},
      publisher = {Springer},
      }
  • Agnes Koschmider and Simone Kriglstein and Meike Ullrich, "Investigations on User Preferences of the Alignment of Process Activities," in 21st International Conference on Cooperative Information Systems (CoopIS), 2013. BibTeX
    @INPROCEEDINGS{Koschmider_Investigations_on_User_Prefere_2013,
      Author = {Agnes Koschmider and Simone Kriglstein and Meike Ullrich},
      title = {Investigations on User Preferences of the Alignment of Process Activities},
      booktitle = {21st International Conference on Cooperative Information Systems (CoopIS)},
      year = {2013},
      month = {0},
      publisher = {Springer},
      }
  • Sigrid Schefer Wenzl and Mark Strembeck, "Generic Support for RBAC Break-Glass Policies in Process-Aware Information Systems," in ACM Symposium on Applied Computing (SAC), 2013. BibTeX | PDF
    @INPROCEEDINGS{_Generic_Support_for_RBAC_Break_2013,
      Author = {Sigrid Schefer Wenzl and Mark Strembeck},
      title = {Generic Support for RBAC Break-Glass Policies in Process-Aware Information Systems},
      booktitle = {ACM Symposium on Applied Computing (SAC)},
      year = {2013},
      month = {3},
      pdf = {sac13.pdf},
      }
  • Shareeful Islam and Haralambos Mouratidis and Edgar R. Weippl, "A Goal Driven Risk Management Approach to Support Security and Privacy Analysis of Cloud Based System," in Security Engineering for Cloud Computing: Approaches and Tools, 2013. BibTeX
    @INPROCEEDINGS{Islam_A_Goal_Driven_Risk_Management__2013,
      Author = {Shareeful Islam and Haralambos Mouratidis and {Edgar R.} Weippl},
      title = {A Goal Driven Risk Management Approach to Support Security and Privacy Analysis of Cloud Based System},
      booktitle = {Security Engineering for Cloud Computing: Approaches and Tools},
      year = {2013},
      month = {0},
      }
  • T. Quirchmayr, "On the Impact of Concurrency for the Enforcement of Entailment Constraints in Process-driven SOAs," in Proceedings of the 10th International Workshop on Security in Information Systems (WOSIS), 2013. BibTeX
    @INPROCEEDINGS{Quirchmayr_On_the_Impact_of_Concurrency_f_2013,
      Author = {T. Quirchmayr},
      title = {On the Impact of Concurrency for the Enforcement of Entailment Constraints in Process-driven SOAs},
      booktitle = {Proceedings of the 10th International Workshop on Security in Information Systems (WOSIS)},
      year = {2013},
      month = {0},
      }
  • Bernhard Hoisl and Stefan Sobernig and Mark Strembeck, "Natural-Language Scenario Descriptions for DSML Core Language Model Testing," in Proceedings of the 25th IFIP International Conference on Testing Software and Systems, 2013. BibTeX
    @INPROCEEDINGS{Hoisl_Natural_Language_Scenario_Desc_2013,
      Author = {Bernhard Hoisl and Stefan Sobernig and Mark Strembeck},
      title = {Natural-Language Scenario Descriptions for DSML Core Language Model Testing},
      booktitle = {Proceedings of the 25th IFIP International Conference on Testing Software and Systems},
      year = {2013},
      month = {0},
      }
  • P. Angelopoulos and Christos Koukouvinos and Dimitris Simos and A. Skountzou, "Multidisciplinary Research and Practice for Information Systems, IFIP International Cross Domain Conference and Workshop on Availability, Reliability and Security, CD-ARES 2013," in Lecture Notes in Computer Science (LNCS), 2013. BibTeX
    @INPROCEEDINGS{Angelopoulos_Multidisciplinary_Research_and_2013,
      Author = {P. Angelopoulos and Christos Koukouvinos and Dimitris Simos and A. Skountzou},
      title = {Multidisciplinary Research and Practice for Information Systems, IFIP International Cross Domain Conference and Workshop on Availability, Reliability and Security, CD-ARES 2013},
      booktitle = {Lecture Notes in Computer Science (LNCS)},
      year = {2013},
      month = {0},
      }
  • Christos Koukouvinos and C. Parpoul and Dimitris Simos, "Genetic Algorithm and Data Mining Techniques for Design Selection in Databases," in RAMSS 13 Proceedings of the 1st International Workshop on Statistical Methods in Reliability Assessment of Complex Industrial Multi state Systems, to be held in conjuction with ARES 13 8th International Conference on Availability, Reliability and Secur, 2013. BibTeX
    @INPROCEEDINGS{Koukouvinos_Genetic_Algorithm_and_Data_Min_2013,
      Author = {Christos Koukouvinos and C. Parpoul and Dimitris Simos},
      title = {Genetic Algorithm and Data Mining Techniques for Design Selection in Databases},
      booktitle = {RAMSS 13 Proceedings of the 1st International Workshop on Statistical Methods in Reliability Assessment of Complex Industrial Multi state Systems, to be held in conjuction with ARES 13 8th International Conference on Availability, Reliability and Secur},
      year = {2013},
      month = {0},
      }
  • Dimitris Simos and Severin Winkler, "An Approach to Penetration Testing via Combinational Designs," in ASQT 13 Proceedings of the 11th User Conference for Software Quality, Test and Innovation, Austrian Computer Society (OCG), 2013. BibTeX
    @INPROCEEDINGS{Simos_An_Approach_to_Penetration_Tes_2013,
      Author = {Dimitris Simos and Severin Winkler},
      title = {An Approach to Penetration Testing via Combinational Designs},
      booktitle = {ASQT 13 Proceedings of the 11th User Conference for Software Quality, Test and Innovation, Austrian Computer Society (OCG)},
      year = {2013},
      month = {0},
      }
  • Heidelinde Hobel and Johannes Heurix and Amin Anjomshoaa and Edgar R. Weippl, "Towards Security-Enhanced and Privacy-Preserving Mashup Compositions.," in SEC, 2013, pp. 286-299. BibTeX
    @INPROCEEDINGS{hobel2013a,
      Author = {Heidelinde Hobel and Johannes Heurix and Amin Anjomshoaa and {Edgar R.} Weippl},
      title = {Towards Security-Enhanced and Privacy-Preserving Mashup Compositions.},
      booktitle = {SEC},
      year = {2013},
      month = {0},
      volume = {405},
      pages = {286-299},
      publisher = {Springer},
      note = {The original publication is available at www.springerlink.com},
      }
  • A. Cuzzocrea and C. Kittl and Dimitris Simos and Edgar R. Weippl and L. Xu, "Availability, Reliability, and Security in Information Systems and HCI, IFIP WG 8.4, 8.9, TC 5 International Cross-Domain Conference, CD-ARES 2013," in Lecture Notes in Computer Science, 2013. BibTeX
    @INPROCEEDINGS{Cuzzocrea2013Availability,
      Author = {A. Cuzzocrea and C. Kittl and Dimitris Simos and {Edgar R.} Weippl and L. Xu},
      title = {Availability, Reliability, and Security in Information Systems and HCI, IFIP WG 8.4, 8.9, TC 5 International Cross-Domain Conference, CD-ARES 2013},
      booktitle = {Lecture Notes in Computer Science},
      year = {2013},
      month = {0},
      }
  • Sigrid Schefer Wenzl and Mark Strembeck, "A UML Extension for Modeling Break-Glass Policies," in 5th International Workshop on Enterprise Modelling and Information Systems Architectures (EMISA), 2012. BibTeX | PDF
    @INPROCEEDINGS{_A_UML_Extension_for_Modeling_B_2012,
      Author = {Sigrid Schefer Wenzl and Mark Strembeck},
      title = {A UML Extension for Modeling Break-Glass Policies},
      booktitle = {5th International Workshop on Enterprise Modelling and Information Systems Architectures (EMISA)},
      year = {2012},
      month = {9},
      pdf = {emisa12.pdf},
      }
  • J. Barateiro and D. Draws and M. Neumann and Stephan Strodl, "Digital Preservation Challenges on Software Life Cycle," in 16th European Conf. on Software Maintenance and Reengineering (CSMR2012), 2012. BibTeX
    @INPROCEEDINGS{Barateiro_Digital_Preservation_Challenge_2012,
      Author = {J. Barateiro and D. Draws and M. Neumann and Stephan Strodl},
      title = {Digital Preservation Challenges on Software Life Cycle},
      booktitle = {16th European Conf. on Software Maintenance and Reengineering (CSMR2012)},
      year = {2012},
      month = {3},
      }
  • Florian Tegeler and Xiaoming Fu and Christopher Kruegel and Giovanni Vigna, "BotFinder: Finding Bots in Network Traffic Without Deep Packet Inspection," in International Conference on emerging Networking EXperiments and Technologies, 2012. BibTeX | PDF
    @INPROCEEDINGS{_BotFinder_Finding_Bots_in_Netw_2012,
      Author = {Florian Tegeler and Xiaoming Fu and Christopher Kruegel and Giovanni Vigna},
      title = {BotFinder: Finding Bots in Network Traffic Without Deep Packet Inspection},
      booktitle = {International Conference on emerging Networking EXperiments and Technologies},
      year = {2012},
      month = {12},
      pdf = {conext12_botfinder.pdf},
      }
  • Sonja Kabicher Fuchs and Simone Kriglstein and Kathrin Figl, "Timeline Visualization for Documenting Process Model Change," in 5th International Workshop on Enterprise Modelling and Information Systems Architectures (EMISA 2012), 2012. BibTeX
    @INPROCEEDINGS{kabicher_timeline,
      Author = {Sonja Kabicher Fuchs and Simone Kriglstein and Kathrin Figl},
      title = {Timeline Visualization for Documenting Process Model Change },
      booktitle = {5th International Workshop on Enterprise Modelling and Information Systems Architectures (EMISA 2012)},
      year = {2012},
      month = {9},
      }
  • Rudolf Mayer and Stefan Proell and Andreas Rauber, "On the Applicability of Workflow Management Systems for the Preservation of Business Processes," in Proceedings of the 9th International Conference on Digital Preservation (iPres 2012), 2012. BibTeX | PDF
    @INPROCEEDINGS{_On_the_Applicability_of_Workfl_2012,
      Author = {Rudolf Mayer and Stefan Proell and Andreas Rauber},
      title = {On the Applicability of Workflow Management Systems for the Preservation of Business Processes},
      booktitle = {Proceedings of the 9th International Conference on Digital Preservation (iPres 2012)},
      year = {2012},
      month = {10},
      pdf = {may_ipres12-workflows.pdf},
      }
  • M. Polaschek and W. Zeppelzauer and Christine Strauss, "Enterprise 2.0 Integrated Communication and Collaboration Platform," in First International Workshop on inter-Clouds and Collective Intelligence (iCCI-2012), 2012. BibTeX | PDF
    @INPROCEEDINGS{Polaschek_Enterprise_2_0_Integrated_Comm_2012,
      Author = {M. Polaschek and W. Zeppelzauer and Christine Strauss},
      title = {Enterprise 2.0 Integrated Communication and Collaboration Platform},
      booktitle = {First International Workshop on inter-Clouds and Collective Intelligence (iCCI-2012)},
      year = {2012},
      month = {3},
      pdf = {Polaschek_Zeppelzauer_Kryvinska_Strauss.pdf},
      }
  • Stefan Fenz and Johannes Heurix and Thomas Neubauer, "Recognition and Privacy Preservation of Paper-based Health Records," in Quality of Life through Quality of Information – Proceedings of MIE2012, 2012, pp. 751-755. BibTeX | PDF
    @INPROCEEDINGS{_Recognition_and_Privacy_Preser_2012,
      Author = {Stefan Fenz and Johannes Heurix and Thomas Neubauer},
      title = {Recognition and Privacy Preservation of Paper-based Health Records},
      booktitle = {Quality of Life through Quality of Information - Proceedings of MIE2012},
      year = {2012},
      month = {8},
      pdf = {2012 - Fenz - Recognition and Privacy Preservation of Paper-based Health Records.pdf},
      pages = {751-755},
      publisher = {European Federation for Medical Informatics and IOS Press},
      }
  • Sebastian Schrittwieser and Peter Kieseberg and Edgar R. Weippl, "Digital Forensics for Enterprise Rights Management," in International Conference on Information Integration and Web-based Applications & Services (iiWAS2012), 2012. BibTeX | PDF
    @INPROCEEDINGS{_Digital_Forensics_for_Enterpri_2012,
      Author = {Sebastian Schrittwieser and Peter Kieseberg and {Edgar R.} Weippl},
      title = {Digital Forensics for Enterprise Rights Management},
      booktitle = {International Conference on Information Integration and Web-based Applications & Services (iiWAS2012)},
      year = {2012},
      month = {12},
      pdf = {16_schrittwieser.pdf},
      }
  • Maria Leitner and Juergen Mangler and Stefanie Rinderle-Ma, "Definition and Enactment of Instance-spanning Process Constraints," in Web Information System Engineering – WISE 2012 – 13th International Conference, 2012. BibTeX | PDF
    @INPROCEEDINGS{leitner_definition_2012,
      Author = {Maria Leitner and Juergen Mangler and Stefanie Rinderle-Ma},
      title = {Definition and Enactment of Instance-spanning Process Constraints},
      booktitle = {Web Information System Engineering - {WISE} 2012 - 13th International Conference},
      year = {2012},
      month = {11},
      pdf = {Leitner_WISE2012.pdf},
      publisher = {Springer},
      note = {(accepted)},
      }
  • Bernhard Hoisl and Mark Strembeck and Stefan Sobernig, "Towards a Systematic Integration of MOF UML-based Domain-specific Modeling Languages," in Proceedings of the 16th IASTED International Conference on Software Engineering and Applications, 2012, pp. 337-344. BibTeX
    @INPROCEEDINGS{Hoisl2012e,
      Author = {Bernhard Hoisl and Mark Strembeck and Stefan Sobernig},
      title = {Towards a Systematic Integration of MOF UML-based Domain-specific Modeling Languages},
      booktitle = {Proceedings of the 16th IASTED International Conference on Software Engineering and Applications},
      year = {2012},
      month = {11},
      pages = {337-344},
      publisher = {ACTA Press},
      }
  • Mykola Galushka and Philip Taylor and Wasif Gilani and John Thomson and Stephan Strodl and M. Neumann, "Digital Preservation of Business Processes with TIMBUS Architecture," in Proceedings of the 9th International Conference on Preservation of Digital Objects IPRES2012, 2012, pp. 117-125. BibTeX | PDF
    @INPROCEEDINGS{_Digital_Preservation_of_Busine_2012,
      Author = {Mykola Galushka and Philip Taylor and Wasif Gilani and John Thomson and Stephan Strodl and M. Neumann},
      title = {Digital Preservation of Business Processes with TIMBUS Architecture},
      booktitle = {Proceedings of the 9th International Conference on Preservation of Digital Objects IPRES2012},
      year = {2012},
      month = {10},
      pdf = {iPres2012_Digital_Preservation_Of_Business_Processes_with_TIMBUS_Architecture.pdf},
      pages = {117-125},
      }
  • Stephan Strodl and D. Draws and Gonccalo Antunes and Andreas Rauber, "Business Process Preservation How to capture, document and evaluate," in Proceedings of the 9th International Conference on Preservation of Digital Objects IPRES2012, 2012. BibTeX | PDF
    @INPROCEEDINGS{_Business_Process_Preservation__2012,
      Author = {Stephan Strodl and D. Draws and Gonccalo Antunes and Andreas Rauber},
      title = {Business Process Preservation How to capture, document and evaluate},
      booktitle = {Proceedings of the 9th International Conference on Preservation of Digital Objects IPRES2012},
      year = {2012},
      month = {10},
      pdf = {IPRES 2012_strodl_paper_10.pdf},
      }
  • Leyla Bilge and Davide Balzarotti and William K Robertson and Christopher Kruegel and Engin Kirda, "Disclosure: Detecting Botnet Command and Control Servers Through Large Scale NetFlow Analysis," in Annual Computer Security Applications, 2012. BibTeX | PDF
    @INPROCEEDINGS{_Disclosure_Detecting_Botnet_Co_2012,
      Author = {Leyla Bilge and Davide Balzarotti and William K Robertson and Christopher Kruegel and Engin Kirda},
      title = {Disclosure: Detecting Botnet Command and Control Servers Through Large Scale NetFlow Analysis},
      booktitle = {Annual Computer Security Applications},
      year = {2012},
      month = {12},
      pdf = {acsac12_disclosure.pdf},
      }
  • M. Neumann and Hossein Miri and John Thomson and Gonccalo Antunes and Rudolf Mayer and Michael Beigl, "Towards a Decision Support Architecture for Digital Preservation of Business Processes," in Proceedings of the 9th International Conference on Digital Preservation (iPres 2012), 2012. BibTeX | PDF
    @INPROCEEDINGS{_Towards_a_Decision_Support_Arc_2012,
      Author = {M. Neumann and Hossein Miri and John Thomson and Gonccalo Antunes and Rudolf Mayer and Michael Beigl},
      title = {Towards a Decision Support Architecture for Digital Preservation of Business Processes},
      booktitle = {Proceedings of the 9th International Conference on Digital Preservation (iPres 2012)},
      year = {2012},
      month = {10},
      pdf = {neu_ipres12-reasoning.pdf},
      }
  • Johannes Schlumberger and Christopher Kruegel and Giovanni Vigna, "Jarhead: Analysis and Detection of Malicious Java Applets," in Annual Computer Security Applications, 2012. BibTeX | PDF
    @INPROCEEDINGS{_Jarhead_Analysis_and_Detection_2012,
      Author = {Johannes Schlumberger and Christopher Kruegel and Giovanni Vigna},
      title = {Jarhead: Analysis and Detection of Malicious Java Applets},
      booktitle = {Annual Computer Security Applications},
      year = {2012},
      month = {12},
      pdf = {acsac12_jarhead.pdf},
      }
  • Simone Kriglstein and Juergen Mangler and Stefanie Rinderle-Ma, "Who is Who: On Visualizing Organizational Models in Collaborative Systems," in 8th IEEE International Conference onCollaborativeComputing Networking, 2012, pp. 279-288. BibTeX
    @INPROCEEDINGS{_Who_is_Who_On_Visualizing_Orga_2012,
      Author = {Simone Kriglstein and Juergen Mangler and Stefanie Rinderle-Ma},
      title = {Who is Who: On Visualizing Organizational Models in Collaborative Systems},
      booktitle = {8th IEEE International Conference onCollaborativeComputing Networking},
      year = {2012},
      month = {10},
      pages = {279-288},
      publisher = {IEEE},
      }
  • Antonio Bianchi and Yan Shoshitaishvili and Christopher Kruegel and Giovanni Vigna, "Blacksheep: Detecting Compromised Hosts in Homogeneous Crowds," in ACM Conference on Computer and Communications Security (CCS), 2012. BibTeX | PDF
    @INPROCEEDINGS{_Blacksheep_Detecting_Compromis_2012,
      Author = {Antonio Bianchi and Yan Shoshitaishvili and Christopher Kruegel and Giovanni Vigna},
      title = {Blacksheep: Detecting Compromised Hosts in Homogeneous Crowds},
      booktitle = {ACM Conference on Computer and Communications Security (CCS)},
      year = {2012},
      month = {10},
      pdf = {ccs12_blacksheep.pdf},
      }
  • Andreas Kronabeter and Stefan Fenz, "Cloud Security and Privacy in the Light of the 2012 EU Data Protection Regulation," in 2012 CloudComp Conference, 2012. BibTeX
    @INPROCEEDINGS{Kronabeter2012Cloud,
      Author = {Andreas Kronabeter and Stefan Fenz},
      title = {Cloud Security and Privacy in the Light of the 2012 EU Data Protection Regulation},
      booktitle = {2012 CloudComp Conference},
      year = {2012},
      month = {9},
      }
  • Rudolf Mayer and Stephan Strodl and Andreas Rauber, "On the Complexity of Process Preservation: A Case Study on an E-Science Experiment," in Proceedings of the 9th International Conference on Digital Preservation (iPres 2012), 2012. BibTeX | PDF
    @INPROCEEDINGS{_On_the_Complexity_of_Process_P_2012,
      Author = {Rudolf Mayer and Stephan Strodl and Andreas Rauber},
      title = {On the Complexity of Process Preservation: A Case Study on an E-Science Experiment},
      booktitle = {Proceedings of the 9th International Conference on Digital Preservation (iPres 2012)},
      year = {2012},
      month = {9},
      pdf = {ipres2012-Poster_CaseStudy-EscienceExperiment.pdf},
      }
  • Manuele Barbieri and Ivan Cibrario Bertolotti and Manuel Cheminod and Ioannis Christou and Luca Durante and Sofoklis Efremidis and Giorgio Gentile and Peter Kieseberg and Steen Lehmann and Paolo Paci and Micol Pesce and Andreas Ronge and Michal Tanas and Craig Taverner and Lorenz Zechner, "INMOTOS Project," in International Conference on Critical Information Infrastructures Security (CRITIS 12), 2012. BibTeX
    @INPROCEEDINGS{_INMOTOS_Project_2012,
      Author = {Manuele Barbieri and Ivan Cibrario Bertolotti and Manuel Cheminod and Ioannis Christou and Luca Durante and Sofoklis Efremidis and Giorgio Gentile and Peter Kieseberg and Steen Lehmann and Paolo Paci and Micol Pesce and Andreas Ronge and Michal Tanas and Craig Taverner and Lorenz Zechner},
      title = {INMOTOS Project},
      booktitle = {International Conference on Critical Information Infrastructures Security (CRITIS 12)},
      year = {2012},
      month = {9},
      }
  • Aleksandar Hudic and Shareeful Islam and Lorenz Zechner and Christian Krieg and Severin Winkler and Richard Hable and Edgar R. Weippl, "Towards a Unified Penetration Testing Taxonomy," in International Conference on Information Privacy, Security, Risk and Trust (PASSAT 2012), 2012. BibTeX
    @INPROCEEDINGS{_Towards_a_Unified_Penetration__2012,
      Author = {Aleksandar Hudic and Shareeful Islam and Lorenz Zechner and Christian Krieg and Severin Winkler and Richard Hable and {Edgar R.} Weippl},
      title = {Towards a Unified Penetration Testing Taxonomy},
      booktitle = {International Conference on Information Privacy, Security, Risk and Trust (PASSAT 2012)},
      year = {2012},
      month = {9},
      }
  • Rudolf Mayer and Andreas Rauber, "Towards Time-resilient MIR processes," in Proceedings of the 13th International Society for Music Information Retrieval Conference (ISMIR 2012) to appear, 2012. BibTeX | PDF
    @INPROCEEDINGS{_Towards_Time_resilient_MIR_pro_2012,
      Author = {Rudolf Mayer and Andreas Rauber},
      title = {Towards Time-resilient MIR processes},
      booktitle = {Proceedings of the 13th International Society for Music Information Retrieval Conference (ISMIR 2012) to appear},
      year = {2012},
      month = {10},
      pdf = {337-ismir-2012.pdf},
      }
  • Rudolf Mayer and Andreas Rauber and M. Neumann and John Thomson and Gonccalo Antunes, "Preserving Scientific Processes from Design to Publication," in Proceedings of the 15th International Conference on Theory and Practice of Digital Libraries (TPDL 2012), 2012. BibTeX
    @INPROCEEDINGS{_Preserving_Scientific_Processe_2012,
      Author = {Rudolf Mayer and Andreas Rauber and M. Neumann and John Thomson and Gonccalo Antunes},
      title = {Preserving Scientific Processes from Design to Publication},
      booktitle = {Proceedings of the 15th International Conference on Theory and Practice of Digital Libraries ({TPDL} 2012)},
      year = {2012},
      month = {9},
      volume = {7489},
      publisher = {Springer},
      }
  • Lorenz Zechner and Peter Kieseberg and Edgar R. Weippl, "INMOTOS: Extending the ROPE-methodology," in 14th International Conference on Information Integration and Web-based Applications and Services (iiWAS2012), 2012. BibTeX | PDF
    @INPROCEEDINGS{Zechner2012INMOTOS,
      Author = {Lorenz Zechner and Peter Kieseberg and {Edgar R.} Weippl},
      title = {INMOTOS: Extending the ROPE-methodology},
      booktitle = {14th International Conference on Information Integration and Web-based Applications and Services (iiWAS2012)},
      year = {2012},
      month = {12},
      pdf = {p272zechner.pdf},
      }
  • Theodoor Scholte and Davide Balzarotti and William K Robertson and Engin Kirda, "An Empirical Analysis of Input Validation Mechanisms in Web Applications and Languages," in 27th ACM Symposium On Applied Computing (SAC), 2012. BibTeX | PDF
    @INPROCEEDINGS{_An_Empirical_Analysis_of_Input_2012,
      Author = {Theodoor Scholte and Davide Balzarotti and William K Robertson and Engin Kirda},
      title = {An Empirical Analysis of Input Validation Mechanisms in Web Applications and Languages},
      booktitle = {27th ACM Symposium On Applied Computing (SAC)},
      year = {2012},
      month = {3},
      pdf = {paper_sac2012_theo.pdf},
      }
  • Daniel Feledi and Stefan Fenz, "Challenges of Web-based Information Security Knowledge Sharing," in Seventh International Conference on Availability, Reliability and Security (ARES), 2012. BibTeX
    @INPROCEEDINGS{Feledi2012,
      Author = {Daniel Feledi and Stefan Fenz},
      title = {Challenges of Web-based Information Security Knowledge Sharing},
      booktitle = {Seventh International Conference on Availability, Reliability and Security (ARES)},
      year = {2012},
      month = {8},
      }
  • Peter Fruehwirt and Peter Kieseberg and Sebastian Schrittwieser and Markus Huber and Edgar R. Weippl, "InnoDB Database Forensics: Reconstructing Data Manipulation Queries from Redo Logs," in The Fifth International Workshop on Digital Forensics (WSDF), 2012. BibTeX | PDF
    @INPROCEEDINGS{_InnoDB_Database_Forensics_Reco_2012,
      Author = {Peter Fruehwirt and Peter Kieseberg and Sebastian Schrittwieser and Markus Huber and {Edgar R.} Weippl},
      title = {InnoDB Database Forensics: Reconstructing Data Manipulation Queries from Redo Logs},
      booktitle = {The Fifth International Workshop on Digital Forensics (WSDF)},
      year = {2012},
      month = {8},
      pdf = {WSDF2012_InnoDB.pdf},
      }
  • Xin Song and Lei Huang and Stefan Fenz, "Internet of Things Applications in Bulk Shipping Logistics: Problems and Potential Solutions," in Internet of Things – Proceedings of the International Workshop, IOT 2012, 2012. BibTeX
    @INPROCEEDINGS{Song2012Internet,
      Author = {Xin Song and Lei Huang and Stefan Fenz},
      title = {Internet of Things Applications in Bulk Shipping Logistics: Problems and Potential Solutions},
      booktitle = {Internet of Things - Proceedings of the International Workshop, IOT 2012},
      year = {2012},
      month = {8},
      }
  • Gregoire Jacob and Engin Kirda and Christopher Kruegel and Giovanni Vigna, "PUBCRAWL: Protecting Users and Businesses from CRAWLers," in 21st Usenix Security Symposium, 2012. BibTeX | PDF
    @INPROCEEDINGS{_PUBCRAWL_Protecting_Users_and__2012,
      Author = {Gregoire Jacob and Engin Kirda and Christopher Kruegel and Giovanni Vigna},
      title = {PUBCRAWL: Protecting Users and Businesses from CRAWLers},
      booktitle = {21st Usenix Security Symposium},
      year = {2012},
      month = {8},
      pdf = {usenix12_pubcrawl.pdf},
      }
  • Peter Paul Beran and Elisabeth Vinek and Erich Schikuta and Maria Leitner, "An Adaptive Heuristic Approach to Service Selection Problems in Dynamic Distributed Systems," in ACM IEEE 13th International Conference on Grid Computing, 2012, pp. 66-75. BibTeX
    @INPROCEEDINGS{_An_Adaptive_Heuristic_Approach_2012,
      Author = {Peter Paul Beran and Elisabeth Vinek and Erich Schikuta and Maria Leitner},
      title = {An Adaptive Heuristic Approach to Service Selection Problems in Dynamic Distributed Systems},
      booktitle = {ACM IEEE 13th International Conference on Grid Computing},
      year = {2012},
      month = {9},
      volume = {0},
      pages = {66-75},
      }
  • Sigrid Schefer Wenzl and Mark Strembeck, "Modeling Context-Aware RBAC Models for Business Processes in Ubiquitous Computing Environments," in 3rd International Conference on Mobile, Ubiquitous, and Intelligent Computing (MUSIC), 2012. BibTeX | PDF
    @INPROCEEDINGS{_Modeling_Context_Aware_RBAC_Mo_2012,
      Author = {Sigrid Schefer Wenzl and Mark Strembeck},
      title = {Modeling Context-Aware RBAC Models for Business Processes in Ubiquitous Computing Environments},
      booktitle = {3rd International Conference on Mobile, Ubiquitous, and Intelligent Computing (MUSIC)},
      year = {2012},
      month = {6},
      pdf = {music12.pdf},
      }
  • Sigrid Schefer Wenzl and Mark Strembeck and Anne Baumgrass, "An Approach for Consistent Delegation in Process-Aware Information Systems," in 15th International Conference on Business Information Systems (BIS), 2012. BibTeX | PDF
    @INPROCEEDINGS{_An_Approach_for_Consistent_Del_2012,
      Author = {Sigrid Schefer Wenzl and Mark Strembeck and Anne Baumgrass},
      title = {An Approach for Consistent Delegation in Process-Aware Information Systems},
      booktitle = {15th International Conference on Business Information Systems (BIS)},
      year = {2012},
      month = {5},
      pdf = {bis12.pdf},
      }
  • A. Mladenow and E. Fuchs and P. Dohmen and Christine Strauss, "Value creation using clouds: Analysis of Value Drivers for Start-Ups and Small and Medium Sized Enterprises in the Textile Industry," in First International Workshop on inter-Clouds and Collective Intelligence (iCCI-2012), in conjunction with the 26th IEEE Int. Conference on Advanced Information Networking and Applications Workshop (WAINA-2012), 2012. BibTeX
    @INPROCEEDINGS{_Value_creation_using_clouds_2012,
      Author = {A. Mladenow and E. Fuchs and P. Dohmen and Christine Strauss},
      title = {Value creation using clouds: Analysis of Value Drivers for Start-Ups and Small and Medium Sized Enterprises in the Textile Industry },
      booktitle = {First International Workshop on inter-Clouds and Collective Intelligence (iCCI-2012), in conjunction with the 26th IEEE Int. Conference on Advanced Information Networking and Applications Workshop (WAINA-2012)},
      year = {2012},
      month = {3},
      }
  • Johannes Heurix and Antonio Rella and Stefan Fenz and Thomas Neubauer, "Automated Transformation of Semi-Structured Text Elements," in AMCIS 2012 Proceedings, 2012, pp. 1-11. BibTeX | PDF
    @INPROCEEDINGS{_Automated_Transformation_of_Se_2012,
      Author = {Johannes Heurix and Antonio Rella and Stefan Fenz and Thomas Neubauer},
      title = {Automated Transformation of Semi-Structured Text Elements},
      booktitle = {AMCIS 2012 Proceedings},
      year = {2012},
      month = {8},
      pdf = {2012 - Heurix - Automated Transformation of Semi-Structured Text Elements.pdf},
      pages = {1-11},
      }
  • Jan Mendling and Mark Strembeck and Jan Recker, "Factors of Process Model Comprehension – Findings from a Series of Experiments," in Decision Support Systems, 2012. BibTeX
    @INPROCEEDINGS{Mendling_Factors_of_Process_Model_Compr_2012,
      Author = {Jan Mendling and Mark Strembeck and Jan Recker},
      title = {Factors of Process Model Comprehension - Findings from a Series of Experiments},
      booktitle = {Decision Support Systems },
      year = {2012},
      month = {0},
      }
  • Martin Schmiedecker and Markus Huber and Edgar R. Weippl, "Social Network Forensics: Tapping the Data Pool of Social Networks," in Eighth Annual IFIP WG 11.9 International Conference on Digital Forensics, 2012. BibTeX | PDF
    @INPROCEEDINGS{Mulazzani_Social_Network_Forensics_2012,
      Author = {Martin Schmiedecker and Markus Huber and {Edgar R.} Weippl},
      title = {Social Network Forensics: Tapping the Data Pool of Social Networks},
      booktitle = {Eighth Annual IFIP WG 11.9 International Conference on Digital Forensics},
      year = {2012},
      month = {1},
      pdf = {socialForensics_preprint.pdf},
      }
  • Kaan Onarlioglu and Utku Ozan Yilmaz and Engin Kirda and Davide Balzarotti, "Insights into User Behavior in Dealing with Internet Attacks," in 19th Annual Network and Distributed System Security Symposium (NDSS 2012), 2012. BibTeX | PDF
    @INPROCEEDINGS{_Insights_into_User_Behavior_in_2012,
      Author = {Kaan Onarlioglu and Utku Ozan Yilmaz and Engin Kirda and Davide Balzarotti},
      title = {Insights into User Behavior in Dealing with Internet Attacks},
      booktitle = {19th Annual Network and Distributed System Security Symposium (NDSS 2012)},
      year = {2012},
      month = {2},
      pdf = {onarlioglu_ndss12.pdf},
      }
  • Sebastian Schrittwieser and Peter Fruehwirt and Peter Kieseberg and Manuel Leithner and Martin Schmiedecker and Markus Huber and Edgar R. Weippl, "Guess Who Is Texting You? Evaluating the Security of Smartphone Messaging Applications," in Network and Distributed System Security Symposium (NDSS 2012), 2012. BibTeX | PDF
    @INPROCEEDINGS{Schrittwieser_Guess_Who_s_Texting_You_Evalua_2012,
      Author = {Sebastian Schrittwieser and Peter Fruehwirt and Peter Kieseberg and Manuel Leithner and Martin Schmiedecker and Markus Huber and {Edgar R.} Weippl},
      title = {Guess Who Is Texting You? Evaluating the Security of Smartphone Messaging Applications},
      booktitle = {Network and Distributed System Security Symposium (NDSS 2012)},
      year = {2012},
      month = {2},
      pdf = {ndss2012_final.pdf},
      }
  • Stefan Fenz and Johannes Heurix and Thomas Neubauer, "Recognition and Pseudonymization of Personal Data in Paper-based Health Records," in 15th International Conference on Business Information Systems (BIS 2012), 2012, pp. 153-164. BibTeX
    @INPROCEEDINGS{_Recognition_and_Pseudonymizati_2012,
      Author = {Stefan Fenz and Johannes Heurix and Thomas Neubauer},
      title = {Recognition and Pseudonymization of Personal Data in Paper-based Health Records},
      booktitle = {15th International Conference on Business Information Systems (BIS 2012)},
      year = {2012},
      month = {5},
      volume = {117},
      pages = {153-164},
      publisher = {Springer Berlin Heidelberg},
      }
  • Christian Wimmer and Stefan Brunthaler and Per Larsen and Michael Franz, "Fine-grained modularity and reuse of virtual machine components," in 11th Annual International Conference on Aspect-Oriented Software Development (AOSD 2012), 2012. BibTeX | PDF
    @INPROCEEDINGS{Wimmer2012Finegrained,
      Author = {Christian Wimmer and Stefan Brunthaler and Per Larsen and Michael Franz},
      title = {Fine-grained modularity and reuse of virtual machine components},
      booktitle = {11th Annual International Conference on Aspect-Oriented Software Development (AOSD 2012)},
      year = {2012},
      month = {3},
      pdf = {aosd12.pdf},
      }
  • Marco Balduzzi and Jonnas Zaddach and Davide Balzarotti and Engin Kirda and Sergio Loureiro, "A Security Analysis of Amazons Elastic Compute Cloud Service," in 27th ACM Symposium On Applied Computing (SAC), 2012. BibTeX | PDF
    @INPROCEEDINGS{_A_Security_Analysis_of_Amazon__2012,
      Author = {Marco Balduzzi and Jonnas Zaddach and Davide Balzarotti and Engin Kirda and Sergio Loureiro},
      title = {A Security Analysis of Amazons Elastic Compute Cloud Service},
      booktitle = {27th ACM Symposium On Applied Computing (SAC)},
      year = {2012},
      month = {3},
      pdf = {securecloud.pdf},
      }
  • Peter Kieseberg and Sebastian Schrittwieser and Manuel Leithner and Martin Schmiedecker and Edgar R. Weippl and Lindsay Munroe and Mayank Sinha, "Malicious Pixels Using QR Codes as Attack Vector," in Trustworthy Ubiquitous Computing, 2012, pp. 21-38. BibTeX
    @INPROCEEDINGS{_Malicious_Pixels_Using_QR_Code_2012,
      Author = {Peter Kieseberg and Sebastian Schrittwieser and Manuel Leithner and Martin Schmiedecker and {Edgar R.} Weippl and Lindsay Munroe and Mayank Sinha},
      title = {Malicious Pixels Using QR Codes as Attack Vector},
      booktitle = {Trustworthy Ubiquitous Computing},
      year = {2012},
      month = {9},
      pages = {21-38},
      }
  • Johannes Heurix and Michael Karlinger and Thomas Neubauer, "Pseudonymization with Metadata Encryption for Privacy-Preserving Searchable Documents," in Hawaii International Conference on System Sciences, 2012, pp. 3011-3020. BibTeX
    @INPROCEEDINGS{Heurix_Pseudonymization_with_Metadata_2012,
      Author = {Johannes Heurix and Michael Karlinger and Thomas Neubauer},
      title = {Pseudonymization with Metadata Encryption for Privacy-Preserving Searchable Documents},
      booktitle = {Hawaii International Conference on System Sciences},
      year = {2012},
      month = {1},
      volume = {0},
      pages = {3011-3020},
      publisher = {IEEE Computer Society},
      }
  • Anne Baumgrass and Mark Strembeck, "An Approach to Bridge the Gap between Role Mining and Role Engineering via Migration Guides," in 7th International Conference on Availability Reliability and Security (ARES), 2012. BibTeX | PDF
    @INPROCEEDINGS{_An_Approach_to_Bridge_the_Gap__2012,
      Author = {Anne Baumgrass and Mark Strembeck},
      title = {An Approach to Bridge the Gap between Role Mining and Role Engineering via Migration Guides},
      booktitle = {7th International Conference on Availability Reliability and Security (ARES)},
      year = {2012},
      month = {8},
      pdf = {ares12.pdf},
      }
  • Konstantin Hobel and Stephan Strodl, "Software Escrow Agreements," in International Legal Informatics Symposium (IRIS), 2012. BibTeX
    @INPROCEEDINGS{Hobel_Software_Escrow_Agreements_2012,
      Author = {Konstantin Hobel and Stephan Strodl},
      title = {Software Escrow Agreements},
      booktitle = {International Legal Informatics Symposium (IRIS)},
      year = {2012},
      month = {2},
      }
  • Adam Doupe and Ludovico Cavedon and Christopher Kruegel and Giovanni Vigna, "Enemy of the State: A State-Aware Black-Box Web Vulnerability Scanner," in 21st Usenix Security Symposium, 2012. BibTeX | PDF
    @INPROCEEDINGS{_Enemy_of_the_State_A_State_Awa_2012,
      Author = {Adam Doupe and Ludovico Cavedon and Christopher Kruegel and Giovanni Vigna},
      title = {Enemy of the State: A State-Aware Black-Box Web Vulnerability Scanner},
      booktitle = {21st Usenix Security Symposium},
      year = {2012},
      month = {8},
      pdf = {usenix12_statecrawl.pdf},
      }
  • Sebastian Schrittwieser and Peter Fruehwirt and Peter Kieseberg and Manuel Leithner and Martin Schmiedecker and Markus Huber and Gilbert Wondracek and Sylvi Rennert and Edgar R. Weippl, "Secure Software in der Cloud," in Tagungsband Cloud und Klein: IT im Spannungsfeld zwischen Servercluster und Sensornetz, 2012. BibTeX
    @INPROCEEDINGS{Schrittwieser_Secure_Software_in_der_Cloud_2012,
      Author = {Sebastian Schrittwieser and Peter Fruehwirt and Peter Kieseberg and Manuel Leithner and Martin Schmiedecker and Markus Huber and Gilbert Wondracek and Sylvi Rennert and {Edgar R.} Weippl},
      title = {Secure Software in der Cloud},
      booktitle = {Tagungsband Cloud und Klein: IT im Spannungsfeld zwischen Servercluster und Sensornetz},
      year = {2012},
      month = {4},
      }
  • Gianluca Stringhini and Manuel Egele and Apostolis Zarras and Thorsten Holz and Christopher Kruegel and Giovanni Vigna, "Babel: Leveraging Email Delivery for Spam Mitigation," in 21st Usenix Security Symposium, 2012. BibTeX
    @INPROCEEDINGS{_Babel_Leveraging_Email_Deliver_2012,
      Author = {Gianluca Stringhini and Manuel Egele and Apostolis Zarras and Thorsten Holz and Christopher Kruegel and Giovanni Vigna},
      title = {Babel: Leveraging Email Delivery for Spam Mitigation},
      booktitle = {21st Usenix Security Symposium},
      year = {2012},
      month = {8},
      abstract = {usenix12_babel.pdf},
      }
  • Martina Lindorfer and Alessandro Di Federico and Federico Maggi and Paolo Milani Comparetti and Stefano Zanero, "Lines of Malicious Code: Insights Into the Malicious Software Industry," in 28th Annual Computer Security Applications Conference (ACSAC), 2012. BibTeX
    @INPROCEEDINGS{LindorferLines,
      Author = {Martina Lindorfer and Alessandro {Di Federico} and Federico Maggi and Paolo Milani Comparetti and Stefano Zanero},
      sbahotlist = {true},
      title = {Lines of Malicious Code: Insights Into the Malicious Software Industry},
      booktitle = {28th Annual Computer Security Applications Conference (ACSAC)},
      year = {2012},
      month = {12},
      }
  • Bernhard Hoisl and Stefan Sobernig and Sigrid Schefer Wenzl and Mark Strembeck and Anne Baumgrass, "Design Decisions for UML and MOF based Domain specific Language Models Some Lessons Learned," in Proceedings of the 2nd Workshop on Process-based approaches for Model Driven Engineering PMDE, 2012, pp. 303-314. BibTeX
    @INPROCEEDINGS{Hoisl2012c,
      Author = {Bernhard Hoisl and Stefan Sobernig and Sigrid Schefer Wenzl and Mark Strembeck and Anne Baumgrass},
      title = {Design Decisions for UML and MOF based Domain specific Language Models Some Lessons Learned},
      booktitle = {Proceedings of the 2nd Workshop on Process-based approaches for Model Driven Engineering PMDE},
      year = {2012},
      month = {6},
      pages = {303-314},
      publisher = {Technical University of Denmark DTU},
      }
  • Simone Kriglstein and Stefanie Rinderle-Ma, "A Visualization Concept for High-Level Comparison of Process Model Versions," in Business Process Management Workshops, 2012. BibTeX
    @INPROCEEDINGS{kriglstein_comparsion,
      Author = {Simone Kriglstein and Stefanie Rinderle-Ma},
      title = {A Visualization Concept for High-Level Comparison of Process Model Versions},
      booktitle = {Business Process Management Workshops},
      year = {2012},
      month = {6},
      publisher = {Springer},
      }
  • Tobias Hildebrandt and Simone Kriglstein and Stefanie Rinderle-Ma, "On Applying Sonification Methods to Convey Business Process Data," in CaISE 2012 Forum, 2012. BibTeX
    @INPROCEEDINGS{hildebrandt_caise,
      Author = {Tobias Hildebrandt and Simone Kriglstein and Stefanie Rinderle-Ma},
      title = {On Applying Sonification Methods to Convey Business Process Data},
      booktitle = {CaISE 2012 Forum},
      year = {2012},
      month = {6},
      }
  • Neda Ghiassi and Ferial Shayeganfar and Ulrich Pont and Ardeshir Mahdavi and Stefan Fenz and Johannes Heurix and Amin Anjomshoaa and Thomas Neubauer and A Min Tjoa, "Improving the usability of energy simulation applications in processing common building performance inquiries," in Simulace Budov a Techniky Prostredi, 2012. BibTeX
    @INPROCEEDINGS{Ghiassi2012Improving,
      Author = {Neda Ghiassi and Ferial Shayeganfar and Ulrich Pont and Ardeshir Mahdavi and Stefan Fenz and Johannes Heurix and Amin Anjomshoaa and Thomas Neubauer and {A Min} Tjoa},
      title = {Improving the usability of energy simulation applications in processing common building performance inquiries},
      booktitle = {Simulace Budov a Techniky Prostredi},
      year = {2012},
      month = {6},
      }
  • Theodoor Scholte and William K Robertson and Davide Balzarotti and Engin Kirda, "Preventing Input Validation Vulnerabilities in Web Applications through Automated Type Analysis," in 36th IEEE Conference on Computers, Software, and Applications (COMPSAC), 2012. BibTeX | PDF
    @INPROCEEDINGS{_Preventing_Input_Validation_Vu_2012,
      Author = {Theodoor Scholte and William K Robertson and Davide Balzarotti and Engin Kirda},
      title = {Preventing Input Validation Vulnerabilities in Web Applications through Automated Type Analysis },
      booktitle = {36th IEEE Conference on Computers, Software, and Applications (COMPSAC)},
      year = {2012},
      month = {7},
      pdf = {compsac-scholte.pdf},
      }
  • Stefan Fenz and Thomas Neubauer and Amin Anjomshoaa and Ulrich Pont and Ardeshir Mahdavi and A Min Tjoa, "Using Semantic Technologies for Energy-efficient Building Planning," in 2012 IEEE Green Technologies Conference, 2012. BibTeX
    @INPROCEEDINGS{Fenz2012Using,
      Author = {Stefan Fenz and Thomas Neubauer and Amin Anjomshoaa and Ulrich Pont and Ardeshir Mahdavi and {A Min} Tjoa},
      title = {Using Semantic Technologies for Energy-efficient Building Planning},
      booktitle = {2012 IEEE Green Technologies Conference},
      year = {2012},
      month = {4},
      }
  • Ardeshir Mahdavi and Ulrich Pont and Ferial Shayeganfar and Neda Ghiassi and Amin Anjomshoaa and Stefan Fenz and Johannes Heurix and Thomas Neubauer and A Min Tjoa, "Exploring the utility of semantic web technology in building performance simulation," in BauSIM 2012 – Gebäudesimulation auf den Größenskalen Bauteil, Raum, Gebäude, Stadtquartier, 2012. BibTeX
    @INPROCEEDINGS{Mahdavi2012Exploring,
      Author = {Ardeshir Mahdavi and Ulrich Pont and Ferial Shayeganfar and Neda Ghiassi and Amin Anjomshoaa and Stefan Fenz and Johannes Heurix and Thomas Neubauer and {A Min} Tjoa},
      title = {Exploring the utility of semantic web technology in building performance simulation},
      booktitle = {BauSIM 2012 - Gebäudesimulation auf den Größenskalen Bauteil, Raum, Gebäude, Stadtquartier},
      year = {2012},
      month = {5},
      }
  • Andrei Homescu and Michael Stewart and Per Larsen and Stefan Brunthaler and Michael Franz, "Microgadgets: Size Does Matter in Turing-Complete Return-Oriented Programming," in 6th Workshop on Offensive Technologies (WOOT 2012), 2012. BibTeX | PDF
    @INPROCEEDINGS{Homescu2012Microgadgets,
      Author = {Andrei Homescu and Michael Stewart and Per Larsen and Stefan Brunthaler and Michael Franz},
      title = {Microgadgets: Size Does Matter in Turing-Complete Return-Oriented Programming},
      booktitle = {6th Workshop on Offensive Technologies (WOOT 2012)},
      year = {2012},
      month = {8},
      pdf = {woot12.pdf},
      }
  • Bernhard Hoisl and Mark Strembeck, "A UML Extension for the Model-driven Specification of Audit Rules," in Proceedings of the 2nd International Workshop on Information Systems Security Engineering (WISSE), 2012, pp. 16-30. BibTeX | PDF
    @INPROCEEDINGS{Hoisl2012a,
      Author = {Bernhard Hoisl and Mark Strembeck},
      title = {A UML Extension for the Model-driven Specification of Audit Rules},
      booktitle = {Proceedings of the 2nd International Workshop on Information Systems Security Engineering (WISSE)},
      year = {2012},
      month = {6},
      pdf = {WISSE2012.pdf},
      pages = {16--30},
      publisher = {Springer},
      }
  • Elmar Kiesling and Christine Strauss and Christian Stummer, "A multi objective decision support framework for simulation based security control selection," in ARES, 2012. BibTeX | PDF
    @INPROCEEDINGS{_A_multi_objective_decision_sup_2012,
      Author = {Elmar Kiesling and Christine Strauss and Christian Stummer},
      title = {A multi objective decision support framework for simulation based security control selection},
      booktitle = {ARES},
      year = {2012},
      month = {8},
      pdf = {Moses3 ARES OSA 2012.pdf},
      }
  • Bernhard Hoisl and Stefan Sobernig and Sigrid Schefer Wenzl and Mark Strembeck and Anne Baumgrass, "Design Decisions for UML and MOF based Domainspecific Language Models Some Lessons Learned," in Proceedings of the 2nd Workshop on Process based approaches for ModelDriven Engineering (PMDE), 2012, pp. 303-314. BibTeX | PDF
    @INPROCEEDINGS{_Design_Decisions_for_UML_and_M_2012,
      Author = {Bernhard Hoisl and Stefan Sobernig and Sigrid Schefer Wenzl and Mark Strembeck and Anne Baumgrass},
      title = {Design Decisions for UML and MOF based Domainspecific Language Models Some Lessons Learned},
      booktitle = {Proceedings of the 2nd Workshop on Process based approaches for ModelDriven Engineering (PMDE)},
      year = {2012},
      month = {7},
      pdf = {PMDE2012.pdf},
      pages = {303--314},
      }
  • Maria Leitner and Stefanie Rinderle-Ma and Juergen Mangler, "AW-RBAC: Access Control in Adaptive Workflow Systems," in Sixth International Conference on Availability, Reliability and Security, 2011. BibTeX | PDF
    @INPROCEEDINGS{_AW_RBAC_Access_Control_in_Adap_2011,
      Author = {Maria Leitner and Stefanie Rinderle-Ma and Juergen Mangler},
      title = {AW-RBAC: Access Control in Adaptive Workflow Systems},
      booktitle = {Sixth International Conference on Availability, Reliability and Security},
      year = {2011},
      month = {8},
      pdf = {mangler_aw-rbac.pdf},
      publisher = {IEEE Computer Society},
      }
  • Sebastian Schrittwieser and Peter Kieseberg and Isao Echizen and Sven Wohlgemuth and Noboru Sonehara and Edgar R. Weippl, "An Algorithm for k-anonymity-based Fingerprinting," in International Workshop on Digital-forensics and Watermarking (IWDW 2011), 2011. BibTeX | PDF
    @INPROCEEDINGS{_An_Algorithm_for_k_anonymity_b_2011,
      Author = {Sebastian Schrittwieser and Peter Kieseberg and Isao Echizen and Sven Wohlgemuth and Noboru Sonehara and {Edgar R.} Weippl},
      title = {An Algorithm for k-anonymity-based Fingerprinting},
      booktitle = {International Workshop on Digital-forensics and Watermarking (IWDW 2011)},
      year = {2011},
      month = {10},
      pdf = {k_anonymity_algorithm_2011.pdf},
      }
  • Stephan Strodl and Andreas Rauber, "A cost model for small scale automated digital preservation archives," in 8th International Conference on Preservation of Digital Objects (iPRES 2011), 2011, p. 97. BibTeX | PDF
    @INPROCEEDINGS{Strodl2011b,
      Author = {Stephan Strodl and Andreas Rauber},
      title = {A cost model for small scale automated digital preservation archives},
      booktitle = {8th International Conference on Preservation of Digital Objects (iPRES 2011)},
      year = {2011},
      month = {11},
      pdf = {PubDat_202967.pdf},
      pages = {97},
      }
  • Peter Kieseberg and Sebastian Schrittwieser and Martin Schmiedecker and Markus Huber and Edgar R. Weippl, "Trees Cannot Lie: Using Data Structures for Forensics Purposes," in European Intelligence and Security Informatics Conference (EISIC 2011), 2011. BibTeX | PDF
    @INPROCEEDINGS{Kieseberg_Trees_Cannot_Lie_Using_Data_St_2011,
      Author = {Peter Kieseberg and Sebastian Schrittwieser and Martin Schmiedecker and Markus Huber and {Edgar R.} Weippl},
      title = {Trees Cannot Lie: Using Data Structures for Forensics Purposes},
      booktitle = {European Intelligence and Security Informatics Conference (EISIC 2011)},
      year = {2011},
      month = {9},
      pdf = {btree_forensics_camera_ready.pdf},
      }
  • Stefan Fenz, "An Ontology- and Bayesian-based Approach for Determining Threat Probabilities," in ASIA CCS ’11: 6th ACM Symposium on Information, Computer and Communications Security, 2011. BibTeX
    @INPROCEEDINGS{Fenz_An_Ontology_and_Bayesian_based_2011,
      Author = {Stefan Fenz},
      title = {An Ontology- and Bayesian-based Approach for Determining Threat Probabilities},
      booktitle = {ASIA CCS '11: 6th ACM Symposium on Information, Computer and Communications Security},
      year = {2011},
      month = {3},
      publisher = {ACM},
      }
  • Reza Rawassizadeh and Johannes Heurix and Soheil Khosravipour and A Min Tjoa, "LidSec: A Lightweight Pseudonymization Approach for Textual Personal Information," in ARES 2011 Workshop: Proceedings of the First International Workshop on Privacy by Design, 2011. BibTeX | PDF
    @INPROCEEDINGS{_LidSec_A_Lightweight_Pseudonym_2011,
      Author = {Reza Rawassizadeh and Johannes Heurix and Soheil Khosravipour and {A Min} Tjoa},
      title = {LidSec: A Lightweight Pseudonymization Approach for Textual Personal Information},
      booktitle = {ARES 2011 Workshop: Proceedings of the First International Workshop on Privacy by Design},
      year = {2011},
      month = {8},
      pdf = {Heurix_pbd_2011.pdf},
      publisher = {IEEE Computer Society},
      }
  • Sigrid Schefer, "Consistency Checks for Duties in Extended UML2 Activity Models," in Proc. of the International Workshop on Security Aspects in Process-Aware Information Systems (SAPAIS), 2011. BibTeX | PDF
    @INPROCEEDINGS{_Consistency_Checks_for_Duties__2011,
      Author = {Sigrid Schefer},
      title = {Consistency Checks for Duties in Extended UML2 Activity Models},
      booktitle = {Proc. of the International Workshop on Security Aspects in Process-Aware Information Systems (SAPAIS)},
      year = {2011},
      month = {8},
      pdf = {230_paper_4148.pdf},
      }
  • Sigrid Schefer and Mark Strembeck, "Modeling Support for Delegating Roles, Tasks, and Duties in a Process-Related RBAC Context," in Proc. of the International Workshop on Information Systems Security Engineering (WISSE), 2011. BibTeX | PDF
    @INPROCEEDINGS{_Modeling_Support_for_Delegatin_2011,
      Author = {Sigrid Schefer and Mark Strembeck},
      title = {Modeling Support for Delegating Roles, Tasks, and Duties in a Process-Related RBAC Context},
      booktitle = {Proc. of the International Workshop on Information Systems Security Engineering (WISSE)},
      year = {2011},
      month = {6},
      pdf = {wisse11.pdf},
      }
  • Bernhard Hoisl and Mark Strembeck, "Modeling Support for Confidentiality and Integrity of Object Flows in Activity Models," in Proc. of the 14th International Conference on Business Information Systems (BIS), Lecture Notes in Business Information Processing (LNBIP), 2011. BibTeX | PDF
    @INPROCEEDINGS{_Modeling_Support_for_Confident_2011,
      Author = {Bernhard Hoisl and Mark Strembeck},
      title = {Modeling Support for Confidentiality and Integrity of Object Flows in Activity Models},
      booktitle = {Proc. of the 14th International Conference on Business Information Systems (BIS), Lecture Notes in Business Information Processing (LNBIP)},
      year = {2011},
      month = {6},
      pdf = {bis11-extended.pdf},
      volume = {87},
      publisher = {Springer},
      }
  • Anne Baumgrass and Mark Strembeck and Stefanie Rinderle-Ma, "Deriving Role Engineering Artifacts from Business Processes and Scenario Models," in Proc. of the 16th ACM Symposium on Access Control Models and Technologies (SACMAT), 2011. BibTeX | PDF
    @INPROCEEDINGS{_Deriving_Role_Engineering_Arti_2011,
      Author = {Anne Baumgrass and Mark Strembeck and Stefanie Rinderle-Ma},
      title = {Deriving Role Engineering Artifacts from Business Processes and Scenario Models},
      booktitle = {Proc. of the 16th ACM Symposium on Access Control Models and Technologies (SACMAT)},
      year = {2011},
      month = {6},
      pdf = {sacmat11-re-extended.pdf},
      }
  • Waldemar Hummer and Patrick Gaubatz and Mark Strembeck and Uwe Zdun and Schahram Dustdar, ": An Integrated Approach for Identity and Access Management in a SOA Context," in Proc. of the 16th ACM Symposium on Access Control Models and Technologies (SACMAT), 2011. BibTeX | PDF
    @INPROCEEDINGS{_An_Integrated_Approach_for_Ide_2011,
      Author = {Waldemar Hummer and Patrick Gaubatz and Mark Strembeck and Uwe Zdun and Schahram Dustdar},
      title = {: An Integrated Approach for Identity and Access Management in a SOA Context},
      booktitle = {Proc. of the 16th ACM Symposium on Access Control Models and Technologies (SACMAT)},
      year = {2011},
      month = {6},
      pdf = {sacmat11-iam.pdf},
      }
  • Hannes Obweger and Josef Schiefer and Martin Suntinger and Robert Thullner, "Entity-Based State Management for Complex Event Processing Applications," in 5th International Symposium on Rules (RuleML11), 2011. BibTeX
    @INPROCEEDINGS{Obweger_Entity_Driven_State_Management_2011,
      Author = {Hannes Obweger and Josef Schiefer and Martin Suntinger and Robert Thullner},
      title = {Entity-Based State Management for Complex Event Processing Applications},
      booktitle = {5th International Symposium on Rules (RuleML11)},
      year = {2011},
      month = {7},
      }
  • Martin Schmiedecker and Sebastian Schrittwieser and Manuel Leithner and Markus Huber and Edgar R. Weippl, "Cloud Speicherdienste als Angriffsvektoren," in 9th Information Security Konferenz in Krems, 2011. BibTeX | PDF
    @INPROCEEDINGS{DropboxKrems2011,
      Author = {Martin Schmiedecker and Sebastian Schrittwieser and Manuel Leithner and Markus Huber and {Edgar R.} Weippl},
      title = {Cloud Speicherdienste als Angriffsvektoren},
      booktitle = {9th Information Security Konferenz in Krems},
      year = {2011},
      month = {10},
      pdf = {DunkleWolken.pdf},
      }
  • Hannes Obweger and Josef Schiefer and Martin Suntinger and F. Breier and Robert Thullner, "Complex Event Processing off the Shelf – Rapid Development of Event-Driven Applications with Solution Templates," in 19th Mediterrean Conference on Control and Automation (MED11), 2011. BibTeX | PDF
    @INPROCEEDINGS{Obweger_Complex_Event_Processing_off_t_2011,
      Author = {Hannes Obweger and Josef Schiefer and Martin Suntinger and F. Breier and Robert Thullner},
      title = {Complex Event Processing off the Shelf - Rapid Development of Event-Driven Applications with Solution Templates},
      booktitle = {19th Mediterrean Conference on Control and Automation (MED11)},
      year = {2011},
      month = {6},
      pdf = {MED2011_cameraready.pdf},
      note = {In Review},
      }
  • M. Schedl and Christine Strauss, "A Periodic Routing Problem with Stochastic Demands," in Fifth International Conference on Complex, Intelligent, and Software Intensive Systems (CISIS-2011), 2011. BibTeX
    @INPROCEEDINGS{Schedl_A_Periodic_Routing_Problem_wit_2011,
      Author = {M. Schedl and Christine Strauss},
      title = {A Periodic Routing Problem with Stochastic Demands},
      booktitle = {Fifth International Conference on Complex, Intelligent, and Software Intensive Systems (CISIS-2011)},
      year = {2011},
      month = {7},
      }
  • Sebastian Schrittwieser and Stefan Katzenbeisser, "Code Obfuscation Against Static and Dynamic Reverse Engineering," in Information Hiding Conference 2011, 2011. BibTeX | PDF
    @INPROCEEDINGS{Schrittwieser_Code_Obfuscation_Against_Stati_2011,
      Author = {Sebastian Schrittwieser and Stefan Katzenbeisser},
      title = {Code Obfuscation Against Static and Dynamic Reverse Engineering},
      booktitle = {Information Hiding Conference 2011},
      year = {2011},
      month = {5},
      pdf = {Code_Obfuscation_CameraReady.pdf},
      }
  • Stefan Sobernig and Patrick Gaubatz and Mark Strembeck and Uwe Zdun, "Comparing Complexity of API Designs: An Exploratory Experiment on DSL-based Framework Integration," in Proc. of the 10th ACM International Conference on Generative Programming and Component Engineering (GPCE), 2011. BibTeX | PDF
    @INPROCEEDINGS{Sobernig_Comparing_Complexity_of_API_De_2011,
      Author = {Stefan Sobernig and Patrick Gaubatz and Mark Strembeck and Uwe Zdun},
      title = {Comparing Complexity of API Designs: An Exploratory Experiment on DSL-based Framework Integration},
      booktitle = {Proc. of the 10th ACM International Conference on Generative Programming and Component Engineering (GPCE)},
      year = {2011},
      month = {10},
      pdf = {gpce11.pdf},
      }
  • Anne Baumgrass and Thomas Baier and Jan Mendling and Mark Strembeck, "Conformance Checking of RBAC Policies in Process-Aware Information," in Proc. of the Workshop on Workflow Security Audit and Certification (WfSAC), Lecture Notes in Computer Science (LNCS), 2011. BibTeX
    @INPROCEEDINGS{_Conformance_Checking_of_RBAC_P_2011,
      Author = {Anne Baumgrass and Thomas Baier and Jan Mendling and Mark Strembeck},
      title = {Conformance Checking of RBAC Policies in Process-Aware Information },
      booktitle = {Proc. of the Workshop on Workflow Security Audit and Certification (WfSAC), Lecture Notes in Computer Science (LNCS)},
      year = {2011},
      month = {8},
      volume = {XX},
      publisher = {Springer},
      }
  • Otto Hellwig, "Was wissen wir über Malware?," in 9. Sicherheitskonferenz Krems, 2011. BibTeX
    @INPROCEEDINGS{Hellwig2011wissen,
      Author = {Otto Hellwig},
      title = {Was wissen wir über Malware?},
      booktitle = {9. Sicherheitskonferenz Krems},
      year = {2011},
      month = {10},
      }
  • Johannes Heurix and Michael Karlinger and Michael Schrefl and Thomas Neubauer, "A Hybrid Approach integrating Encryption and Pseudonymization for Protecting Electronic Health Records," in Proceedings of the Eighth IASTED International Conference on Biomedical Engineering, 2011. BibTeX
    @INPROCEEDINGS{Heurix_A_Hybrid_Approach_integrating__2011,
      Author = {Johannes Heurix and Michael Karlinger and Michael Schrefl and Thomas Neubauer},
      title = {A Hybrid Approach integrating Encryption and Pseudonymization for Protecting Electronic Health Records},
      booktitle = {Proceedings of the Eighth IASTED International Conference on Biomedical Engineering},
      year = {2011},
      month = {2},
      }
  • Mark Strembeck, "Testing Policy-based Systems with Scenarios," in 10th Conference on Software Engineering (SE 2011), 2011. BibTeX | PDF
    @INPROCEEDINGS{Strembeck_Testing_Policy_based_Systems_w_2011,
      Author = {Mark Strembeck},
      title = {Testing Policy-based Systems with Scenarios},
      booktitle = {10th Conference on Software Engineering (SE 2011)},
      year = {2011},
      month = {2},
      pdf = {se2011-extended.pdf},
      }
  • Sigrid Schefer and Mark Strembeck, "Modeling Process-Related Duties with Extended UML Activity and Interaction Diagrams," in International Workshop on Flexible Workflows in Distributed Systems (WowKiVS), 2011. BibTeX | PDF
  • Daniel Abouakil and Johannes Heurix and Thomas Neubauer, "Data Models for the Pseudonymization of DICOM Data," in Proceedings of the 44nd Hawaii International Conference on System Sciences, 2011, p. 157. BibTeX
    @INPROCEEDINGS{Abouakil_Data_Models_for_the_Pseudonymi_2011,
      Author = {Daniel Abouakil and Johannes Heurix and Thomas Neubauer},
      title = {Data Models for the Pseudonymization of DICOM Data},
      booktitle = {Proceedings of the 44nd Hawaii International Conference on System Sciences},
      year = {2011},
      month = {1},
      pages = {157},
      }
  • Raydel Montesino and Stefan Fenz, "Information security automation: how far can we go," in Sixth International Conference on Availability, Reliability and Security, 2011, pp. 280-285. BibTeX
    @INPROCEEDINGS{_Information_security_automatio_2011,
      Author = {Raydel Montesino and Stefan Fenz},
      title = {Information security automation: how far can we go},
      booktitle = {Sixth International Conference on Availability, Reliability and Security},
      year = {2011},
      month = {8},
      abstract = {Information security management is a very complex task which involves the implementation and monitoring of more than 130 security controls. To achieve greater efficiency in this process it is necessary to automate as many controls as possible. This paper provides an analysis of how many controls can be automated},
      pages = {280-285},
      publisher = {IEEE Computer Society},
      }
  • Szabolcs Rozsnyai and Hannes Obweger and Josef Schiefer, "Event Access Expressions – A Business User Language for Analyzing Event Streams," in 25th IEEE International Conference on Advanced Information Networking and Applications (AINA11), 2011. BibTeX
    @INPROCEEDINGS{Rozsnyai_Event_Access_Expressions_A_Bus_2011,
      Author = {Szabolcs Rozsnyai and Hannes Obweger and Josef Schiefer},
      title = {Event Access Expressions - A Business User Language for Analyzing Event Streams},
      booktitle = {25th IEEE International Conference on Advanced Information Networking and Applications (AINA11)},
      year = {2011},
      month = {3},
      }
  • Kresimir Kasal and Johannes Heurix and Thomas Neubauer, "Model-driven Development Meets Security: An Evaluation of Current Approaches," in Proceedings of the 44nd Hawaii International Conference on System Sciences, 2011, p. 268. BibTeX
    @INPROCEEDINGS{Kasal_Model_driven_Development_Meets_2011,
      Author = {Kresimir Kasal and Johannes Heurix and Thomas Neubauer},
      title = {Model-driven Development Meets Security: An Evaluation of Current Approaches},
      booktitle = {Proceedings of the 44nd Hawaii International Conference on System Sciences},
      year = {2011},
      month = {1},
      pages = {268},
      }
  • Sigrid Schefer and Mark Strembeck and Jan Mendling and Anne Baumgrass, "Detecting and Resolving Conflicts of Mutual-Exclusion and Binding Constraints in a Business Process Context," in Proc. of the 19th International Conference on Cooperative Information Systems (CoopIS), 2011. BibTeX | PDF
    @INPROCEEDINGS{Schefer_Detecting_and_Resolving_Confli_2011,
      Author = {Sigrid Schefer and Mark Strembeck and Jan Mendling and Anne Baumgrass},
      title = {Detecting and Resolving Conflicts of Mutual-Exclusion and Binding Constraints in a Business Process Context},
      booktitle = {Proc. of the 19th International Conference on Cooperative Information Systems (CoopIS)},
      year = {2011},
      month = {10},
      pdf = {coopis11.pdf},
      }
  • Stefan Brunthaler, "Interpreter instruction scheduling," in 20th International Conference on Compiler Construction (Lecture Notes in Computer Science), 2011. BibTeX | PDF
    @INPROCEEDINGS{Brunthaler2011Interpreter,
      Author = {Stefan Brunthaler},
      title = {Interpreter instruction scheduling},
      booktitle = {20th International Conference on Compiler Construction (Lecture Notes in Computer Science)},
      year = {2011},
      month = {4},
      pdf = {cc11.pdf},
      publisher = {Springer},
      }
  • Sigrid Schefer and Mark Strembeck and Jan Mendling, "Checking Satisfiability Aspects of Binding Constraints in a Business Process Context," in Proc. of the Workshop on Workflow Security Audit and Certification (WfSAC), Lecture Notes in Computer Science (LNCS), 2011. BibTeX
    @INPROCEEDINGS{_Checking_Satisfiability_Aspect_2011,
      Author = {Sigrid Schefer and Mark Strembeck and Jan Mendling},
      title = {Checking Satisfiability Aspects of Binding Constraints in a Business Process Context},
      booktitle = {Proc. of the Workshop on Workflow Security Audit and Certification (WfSAC), Lecture Notes in Computer Science (LNCS)},
      year = {2011},
      month = {8},
      volume = {XX},
      publisher = {Springer},
      }
  • Robert Thullner and Szabolcs Rozsnyai and Hannes Obweger and Josef Schiefer and Martin Suntinger, "Proactive Business Process Compliance Monitoring with Event-Based Systems," in 6th International Workshop on Vocabularies, Ontologies and Rules for The Enterprise (VORTE 2011), 2011. BibTeX
    @INPROCEEDINGS{Thullner_Proactive_Business_Process_Com_2011,
      Author = {Robert Thullner and Szabolcs Rozsnyai and Hannes Obweger and Josef Schiefer and Martin Suntinger},
      title = {Proactive Business Process Compliance Monitoring with Event-Based Systems},
      booktitle = {6th International Workshop on Vocabularies, Ontologies and Rules for The Enterprise (VORTE 2011)},
      year = {2011},
      month = {8},
      }
  • Martin Schmiedecker and Sebastian Schrittwieser and Manuel Leithner and Markus Huber and Edgar R. Weippl, "Dark Clouds on the Horizon: Using Cloud Storage as Attack Vector and Online Slack Space," in USENIX Security, 2011. BibTeX | PDF
    @INPROCEEDINGS{Mulazzani_Dark_Clouds_on_the_Horizon_Usi_2011,
      Author = {Martin Schmiedecker and Sebastian Schrittwieser and Manuel Leithner and Markus Huber and {Edgar R.} Weippl},
      title = {Dark Clouds on the Horizon: Using Cloud Storage as Attack Vector and Online Slack Space},
      booktitle = {USENIX Security},
      year = {2011},
      month = {8},
      pdf = {dropboxUSENIX2011.pdf},
      }
  • Sebastian Schrittwieser and Peter Kieseberg and Isao Echizen and Sven Wohlgemuth and Noboru Sonehara, "Using Generalization Patterns for Fingerprinting Sets of Partially Anonymized Microdata in the Course of Disasters," in Workshop on Resilience and IT-Risk in Social Infrastructures (RISI 2011), 2011. BibTeX | PDF
    @INPROCEEDINGS{Schrittwieser_Using_Generalization_Patterns__2011,
      Author = {Sebastian Schrittwieser and Peter Kieseberg and Isao Echizen and Sven Wohlgemuth and Noboru Sonehara},
      title = {Using Generalization Patterns for Fingerprinting Sets of Partially Anonymized Microdata in the Course of Disasters},
      booktitle = {Workshop on Resilience and IT-Risk in Social Infrastructures (RISI 2011)},
      year = {2011},
      month = {8},
      pdf = {k-anonymity_fingerprinting_cameraReady.pdf},
      }
  • Johannes Heurix and Thomas Neubauer, "Privacy-Preserving Storage and Access of Medical Data through Pseudonymization and Encryption," in Trust, Privacy and Security in Digital Business – 8th International, 2011, pp. 186-197. BibTeX | PDF
    @INPROCEEDINGS{_Privacy_Preserving_Storage_and_2011,
      Author = {Johannes Heurix and Thomas Neubauer},
      title = {Privacy-Preserving Storage and Access of Medical Data through Pseudonymization and Encryption},
      booktitle = {Trust, Privacy and Security in Digital Business - 8th International},
      year = {2011},
      month = {8},
      pdf = {Heurix_trustbus_2011.pdf},
      volume = {6863},
      pages = {186-197},
      publisher = {Springer},
      }
  • Raydel Montesino and Stefan Fenz, "Automation possibilities in information security management," in Proceedings of the European Conference in Intelligence Security Informatics 2011, 2011. BibTeX | PDF
    @INPROCEEDINGS{_Automation_possibilities_in_in_2011,
      Author = {Raydel Montesino and Stefan Fenz},
      title = {Automation possibilities in information security management},
      booktitle = {Proceedings of the European Conference in Intelligence Security Informatics 2011},
      year = {2011},
      month = {9},
      pdf = {PID1947709.pdf},
      }
  • Dimitrios Settas and Antonio Cerone and Stefan Fenz, "Towards Automatic Generation of Ontology-based Antipattern Bayesian Network Models," in Proceedings of the 9th International Conference on Software Engineering Research Management and Applications, 2011. BibTeX | PDF
    @INPROCEEDINGS{_Towards_Automatic_Generation_o_2011,
      Author = {Dimitrios Settas and Antonio Cerone and Stefan Fenz},
      title = {Towards Automatic Generation of Ontology-based Antipattern Bayesian Network Models},
      booktitle = {Proceedings of the 9th International Conference on Software Engineering Research Management and Applications },
      year = {2011},
      month = {8},
      pdf = {urkesettas.pdf},
      }
  • Zhendong Ma and Juergen Mangler, "Enhance Data Privacy In Service Compositions Through A Privacy Proxy," in The Sixth International Conference on Availability, Reliability and Security, 2011. BibTeX | PDF
    @INPROCEEDINGS{_Enhance_Data_Privacy_In_Servic_2011,
      Author = {Zhendong Ma and Juergen Mangler},
      title = {Enhance Data Privacy In Service Compositions Through A Privacy Proxy},
      booktitle = {The Sixth International Conference on Availability, Reliability and Security},
      year = {2011},
      month = {8},
      pdf = {mangler_privacy_proxy.pdf},
      publisher = {{IEEE} Computer Society},
      }
  • Bernhard Hoisl and Stefan Sobernig, "Integrity and Confidentiality Annotations for Service Interfaces in SoaML Models," in Proc. of the International Workshop on Security Aspects in Process-Aware Information Systems (SAPAIS), 2011. BibTeX | PDF
    @INPROCEEDINGS{_Integrity_and_Confidentiality__2011,
      Author = {Bernhard Hoisl and Stefan Sobernig},
      title = {Integrity and Confidentiality Annotations for Service Interfaces in SoaML Models},
      booktitle = {Proc. of the International Workshop on Security Aspects in Process-Aware Information Systems (SAPAIS)},
      year = {2011},
      month = {8},
      pdf = {230_paper_4037.pdf},
      note = {ARES Workshop},
      }
  • Anne Baumgrass, "Using Event Logs to Derive Role Engineering Artifacts," in Proc. of the International Workshop on Security Aspects in Process-Aware Information Systems (SAPAIS), 2011. BibTeX | PDF
    @INPROCEEDINGS{_Deriving_Current_State_RBAC_Mo_2011,
      Author = {Anne Baumgrass},
      title = {Using Event Logs to Derive Role Engineering Artifacts},
      booktitle = {Proc. of the International Workshop on Security Aspects in Process-Aware Information Systems (SAPAIS)},
      year = {2011},
      month = {8},
      pdf = {230_paper_4025.pdf},
      note = {ARES Workshop},
      }
  • Hannes Obweger and Josef Schiefer and Martin Suntinger and Peter Kepplinger and Szabolcs Rozsnyai, "User-Oriented Rule Management for Event-Based Applications," in ACM International Conference on Distributed Event-Based Systems DEBS11, 2011. BibTeX | PDF
    @INPROCEEDINGS{Obweger_User_Oriented_Rule_Management__2011,
      Author = {Hannes Obweger and Josef Schiefer and Martin Suntinger and Peter Kepplinger and Szabolcs Rozsnyai},
      title = {User-Oriented Rule Management for Event-Based Applications},
      booktitle = {ACM International Conference on Distributed Event-Based Systems DEBS11},
      year = {2011},
      month = {7},
      pdf = {DEBS2011_cameraready.pdf},
      }
  • Maria Leitner and Juergen Mangler and Stefanie Rinderle-Ma, "Responsibility-driven Design and Development of Process-aware Security Policies," in Sixth International Conference on Availability, Reliability and Security, 2011. BibTeX | PDF
    @INPROCEEDINGS{_Design_and_Development_of_Proc_2011,
      Author = {Maria Leitner and Juergen Mangler and Stefanie Rinderle-Ma},
      title = {Responsibility-driven Design and Development of Process-aware Security Policies},
      booktitle = {Sixth International Conference on Availability, Reliability and Security},
      year = {2011},
      month = {8},
      pdf = {mangler_responsibilities.pdf},
      publisher = {IEEE Computer Society},
      }
  • Markus Huber and Martin Schmiedecker and Manuel Leithner and Sebastian Schrittwieser and Gilbert Wondracek and Edgar R. Weippl, "Social Snapshots: Digital Forensics for Online Social Networks," in Annual Computer Security Applications Conference (ACSAC), 2011. BibTeX | PDF
    @INPROCEEDINGS{_Social_Snapshots_Digital_Foren_2011,
      Author = {Markus Huber and Martin Schmiedecker and Manuel Leithner and Sebastian Schrittwieser and Gilbert Wondracek and {Edgar R.} Weippl},
      title = {Social Snapshots: Digital Forensics for Online Social Networks},
      booktitle = {Annual Computer Security Applications Conference (ACSAC)},
      year = {2011},
      month = {12},
      pdf = {social_snapshots_preprint.pdf},
      }
  • Mark Guttenbrunner and Andreas Rauber, "Re-awakening the Philips Videopac: From an old tape to a vintage feeling on a modern screen," in Proceedings of the 8th International Conference on Preservation of Digital Objects (iPres 2011), 2011, pp. 250-251. BibTeX | PDF
    @INPROCEEDINGS{TUW-201180,
      Author = {Mark Guttenbrunner and Andreas Rauber},
      title = {Re-awakening the Philips Videopac: From an old tape to a vintage feeling on a modern screen},
      booktitle = {Proceedings of the 8th International Conference on Preservation of Digital Objects (iPres 2011)},
      year = {2011},
      month = {11},
      pdf = {Demo ipres 2011.pdf},
      pages = {250--251},
      note = {Posterpr asentation: iPres 2011 - 8th International Conference on Preservation of Digital Objects},
      }
  • Mark Guttenbrunner and Andreas Rauber, "Design Decisions in Emulator Construction: A Case Study on Home Computer Software Preservation," in Proceedings of the 8th International Conference on Preservation of Digital Objects (iPres 2011), 2011, pp. 171-180. BibTeX | PDF
    @INPROCEEDINGS{TUW-201169,
      Author = {Mark Guttenbrunner and Andreas Rauber},
      title = {Design Decisions in Emulator Construction: A Case Study on Home Computer Software Preservation},
      booktitle = {Proceedings of the 8th International Conference on Preservation of Digital Objects (iPres 2011)},
      year = {2011},
      month = {11},
      pdf = {Paper ipres 2011.pdf},
      pages = {171-180},
      note = {Vortrag: iPres 2011 - 8th International Conference on Preservation of Digital Objects},
      }
  • Peter Kieseberg and Sebastian Schrittwieser and Lorcan Morgan and Martin Schmiedecker and Markus Huber and Edgar R. Weippl, "Using the Structure of B plus Trees for Enhancing Logging Mechanisms of Databases," in International Conference on Information Integration and Web-based Applications & Services (iiWAS2011), 2011. BibTeX | PDF
    @INPROCEEDINGS{_Using_the_Structure_of_B_Trees_2011,
      Author = {Peter Kieseberg and Sebastian Schrittwieser and Lorcan Morgan and Martin Schmiedecker and Markus Huber and {Edgar R.} Weippl},
      title = {Using the Structure of B plus Trees for Enhancing Logging Mechanisms of Databases},
      booktitle = {International Conference on Information Integration and Web-based Applications & Services (iiWAS2011)},
      year = {2011},
      month = {12},
      pdf = {iiWAS2011_133_Short_Kieseberg.pdf},
      }
  • Martina Lindorfer and Clemens Kolbitsch and Paolo Milani Comparetti, "Detecting Environment-Sensitive Malware," in 14th International Symposium on Recent Advances in Intrusion Detection (RAID), 2011. BibTeX
    @INPROCEEDINGS{Lindorfer2011Detecting,
      Author = {Martina Lindorfer and Clemens Kolbitsch and Paolo Milani Comparetti},
      sbahotlist = {true},
      title = {Detecting Environment-Sensitive Malware},
      booktitle = {14th International Symposium on Recent Advances in Intrusion Detection (RAID)},
      year = {2011},
      month = {9},
      }
  • Nicolas Racz and Edgar R. Weippl and Andreas Seufert, "A process model for integrated IT governance, risk, and compliance management," in Proceedings of the Ninth Conference on Databases and Information Systems (DB IS 2010), 2010. BibTeX
    @INPROCEEDINGS{weippl_bzzf_2010_Racz,
      Author = {Nicolas Racz and {Edgar R.} Weippl and Andreas Seufert},
      title = {A process model for integrated IT governance, risk, and compliance management},
      booktitle = {Proceedings of the Ninth Conference on Databases and Information Systems (DB IS 2010)},
      year = {2010},
      month = {7},
      publisher = {Springer LNCS},
      }
  • Hannes Obweger and Josef Schiefer and Peter Kepplinger and Martin Suntinger, "Discovering Hierarchical Patterns in Event-Based Systems," in In Proceedings of the 2010 IEEE International Conference on Services Computing (SCC 10), 2010. BibTeX
    @INPROCEEDINGS{Obweger_Discovering_Hierarchical_Patte_2010,
      Author = {Hannes Obweger and Josef Schiefer and Peter Kepplinger and Martin Suntinger},
      title = {Discovering Hierarchical Patterns in Event-Based Systems},
      booktitle = {In Proceedings of the 2010 IEEE International Conference on Services Computing (SCC 10)},
      year = {2010},
      month = {7},
      }
  • Albert Kavelar and Hannes Obweger and Josef Schiefer and Martin Suntinger, "Web-Based Decision Making for Complex Event Processing Systems," in Proceedings of the 2010 6th World Congress on Services (SERVICES’10), 2010. BibTeX
    @INPROCEEDINGS{Kavelar_Web_Based_Decision_Making_for__2010,
      Author = {Albert Kavelar and Hannes Obweger and Josef Schiefer and Martin Suntinger},
      title = {Web-Based Decision Making for Complex Event Processing Systems},
      booktitle = {Proceedings of the 2010 6th World Congress on Services (SERVICES'10)},
      year = {2010},
      month = {7},
      }
  • Viktoria Felmetsger and Ludovico Cavedon and Christopher Kruegel and Giovanni Vigna, "Toward Automated Detection of Logic Vulnerabilities in Web Applications," in 19th Usenix Security Symposium, 2010. BibTeX
    @INPROCEEDINGS{Felmetsger_Toward_Automated_Detection_of__2010,
      Author = {Viktoria Felmetsger and Ludovico Cavedon and Christopher Kruegel and Giovanni Vigna},
      title = {Toward Automated Detection of Logic Vulnerabilities in Web Applications},
      booktitle = {19th Usenix Security Symposium},
      year = {2010},
      month = {8},
      }
  • Gilbert Wondracek and Thorsten Holz and Christian Platzer and Engin Kirda and Christopher Kruegel, "Is the Internet for Porn? An Insight into the Online Adult Industry," in Proceedings of the Ninth Workshop on the Economics of Information Security (WEIS 2010), 2010. BibTeX | PDF
    @INPROCEEDINGS{Wondracek_InternetPorn2010,
      Author = {Gilbert Wondracek and Thorsten Holz and Christian Platzer and Engin Kirda and Christopher Kruegel},
      title = {Is the Internet for Porn? An Insight into the Online Adult Industry},
      booktitle = {Proceedings of the Ninth Workshop on the Economics of Information Security (WEIS 2010)},
      year = {2010},
      month = {6},
      pdf = {weis2010_wondracek.pdf},
      }
  • Markus Huber and Martin Schmiedecker and Edgar R. Weippl, "Who On Earth Is Mr. Cypher? Automated Friend Injection Attacks on Social Networking Sites," in Proceedings of the IFIP International Information Security Conference 2010: Security and Privacy, 2010. BibTeX | PDF
    @INPROCEEDINGS{Huber_Who_On_Earth_Is_Mr_Cypher_Auto_2010,
      Author = {Markus Huber and Martin Schmiedecker and {Edgar R.} Weippl},
      title = {Who On Earth Is Mr. Cypher? Automated Friend Injection Attacks on Social Networking Sites},
      booktitle = {Proceedings of the IFIP International Information Security Conference 2010: Security and Privacy},
      year = {2010},
      month = {9},
      pdf = {sec2010-friendInjection_preprint.pdf},
      }
  • Gerald Bader and Amin Anjomshoaa and A Min Tjoa, "Privacy Aspects of Mashup Architecture," in Proceedings of IEEE Conference on Privacy, Security, Risk and Trust (PASSAT 2010), 2010. BibTeX
    @INPROCEEDINGS{Bader_Privacy_Aspects_of_Mashup_Arch_2010,
      Author = {Gerald Bader and Amin Anjomshoaa and {A Min} Tjoa},
      title = {Privacy Aspects of Mashup Architecture},
      booktitle = {Proceedings of IEEE Conference on Privacy, Security, Risk and Trust (PASSAT 2010)},
      year = {2010},
      month = {8},
      }
  • Wikan Danar Sunindyo and Stefan Biffl and R. Mordinyi and Thomas Moser and Alexander Schatten and Mohammad Tabatabai Irani and Dindin Wahyudin and Edgar R. Weippl and Dietmar Winkler, "An event-based empirical process analysis framework," in Proceedings of the 2010 ACM-IEEE International Symposium on Empirical Software Engineering and Measurement (ESEM), 2010. BibTeX | PDF
    @INPROCEEDINGS{_An_event_based_empirical_proce_2010,
      Author = {Wikan Danar Sunindyo and Stefan Biffl and R. Mordinyi and Thomas Moser and Alexander Schatten and Mohammad {Tabatabai Irani} and Dindin Wahyudin and {Edgar R.} Weippl and Dietmar Winkler},
      title = {An event-based empirical process analysis framework},
      booktitle = {Proceedings of the 2010 ACM-IEEE International Symposium on Empirical Software Engineering and Measurement (ESEM)},
      year = {2010},
      month = {9},
      pdf = {a65-sunindyo.pdf},
      acm = {397838},
      }
  • C. Frühwirth and Stefan Biffl and Mohammad Tabatabai Irani and Edgar R. Weippl, "Addressing misalignment between information security metrics and business-driven security objectives," in Proceedings of the 6th International Workshop on Security Measurements and Metrics (MetriSec), 2010. BibTeX | PDF
    @INPROCEEDINGS{_Addressing_misalignment_betwee_2010,
      Author = {C. Frühwirth and Stefan Biffl and Mohammad {Tabatabai Irani} and {Edgar R.} Weippl},
      title = {Addressing misalignment between information security metrics and business-driven security objectives},
      booktitle = {Proceedings of the 6th International Workshop on Security Measurements and Metrics (MetriSec)},
      year = {2010},
      month = {9},
      pdf = {a6-fruehwirth.pdf},
      acm = {399966},
      }
  • Matthias Neugschwandtner and Christian Platzer and Paolo Milani Comparetti and Ulrich Bayer, "DAnubis (Dynamic Device Driver Analysis Based on Virtual Machine Introspection)," in Seventh Conference on Detection of Intrusions and Malware & Vulnerability Assessment DIMVA, 2010. BibTeX | PDF
    @INPROCEEDINGS{Neugschwandtner_dAnubis_Dynamic_Device_Driver__null,
      Author = {Matthias Neugschwandtner and Christian Platzer and Paolo Milani Comparetti and Ulrich Bayer},
      title = {dAnubis (Dynamic Device Driver Analysis Based on Virtual Machine Introspection)},
      booktitle = {Seventh Conference on Detection of Intrusions and Malware & Vulnerability Assessment DIMVA},
      year = {2010},
      month = {7},
      abstract = {In the escalating arms race between malicious code and secu- rity tools designed to analyze it, detect it or mitigate its impact, malicious code running inside the operating system kernel provides an extremely powerful tool. Kernel-level code can introduce hard to detect backdoors, provide stealth by hiding fies, processes or other resources and in general tamper with operating system code and data in arbitrary ways. Under Windows, kernel-level malicious code typically takes the form of a device driver. In this work, we present dAnubis, a system for the real- time, dynamic analysis of malicious Windows device drivers. dAnubis can automatically provide a high-level, human-readable report of a driver's behavior on the system. We applied our system to a dataset of over 400 malware samples. The results of this analysis shed some light on the behavior of kernel-level malicious code that is in the wild today.},
      pdf = {dimva2010-dAnubis.pdf},
      }
  • Johannes Heurix and Thomas Neubauer, "On the Security of Outsourced and Untrusted Databases," in IEEE ACIS International Conference on Computer and Information Science, 2010, pp. 125-132. BibTeX
    @INPROCEEDINGS{Heurix_On_the_Security_of_Outsourced__2010,
      Author = {Johannes Heurix and Thomas Neubauer},
      title = {On the Security of Outsourced and Untrusted Databases},
      booktitle = {IEEE ACIS International Conference on Computer and Information Science},
      year = {2010},
      month = {9},
      abstract = {The outsourcing of databases to third parties has become a viable alternative to traditional in-house data management. Database management by third parties including the storage and maintenance allows companies to reduce their expenses and profit from the expertise of data storage specialists. However, the price is the transfer of confidential data to third parties. The data owners need to trust the third party that data is stored (i) confidentially, such that the service providers cannot profit from passing the data to unauthorized parties, and (ii) in a correct and untampered state. This work identifies security issues that data owners have to face when it comes to database outsourcing. We provide an overview of existing techniques for solving the confidentiality and integrity problem and point out the limitations of these approaches. Thereby, this work aims to support decision makers who are confronted with the outsourcing question.},
      pages = {125-132},
      }
  • Otto Hellwig, "Cyber-Security: Threats, measures, instruments, future dimensions," in Knowright 2010, 2010. BibTeX
    @INPROCEEDINGS{Hellwig2010CyberSecurity,
      Author = {Otto Hellwig},
      title = {Cyber-Security: Threats, measures, instruments, future dimensions},
      booktitle = {Knowright 2010},
      year = {2010},
      month = {0},
      }
  • Marco Balduzzi and Christian Platzer and Thorsten Holz and Engin Kirda and Davide Balzarotti and Christopher Kruegel, "Abusing Social Networks for Automated User Profiling," in International Symposium on Recent Advances in Intrusion Detection (RAID 2010), 2010. BibTeX
    @INPROCEEDINGS{Balduzzi_Abusing_Social_Networks_for_Au_2010,
      Author = {Marco Balduzzi and Christian Platzer and Thorsten Holz and Engin Kirda and Davide Balzarotti and Christopher Kruegel},
      title = {Abusing Social Networks for Automated User Profiling},
      booktitle = {International Symposium on Recent Advances in Intrusion Detection (RAID 2010)},
      year = {2010},
      month = {9},
      }
  • Peter Fruehwirt and Markus Huber and Martin Schmiedecker and Edgar R. Weippl, "Sicherheit in sozialen Netzwerken: Quo Vadis," in 8th Information Security Konferenz in Krems, 2010. BibTeX
    @INPROCEEDINGS{Fruewirt_Sicherheit_in_sozialen_Netzwer_2010,
      Author = {Peter Fruehwirt and Markus Huber and Martin Schmiedecker and {Edgar R.} Weippl},
      title = {Sicherheit in sozialen Netzwerken: Quo Vadis},
      booktitle = {8th Information Security Konferenz in Krems},
      year = {2010},
      month = {11},
      }
  • Otto Hellwig, "Kategorisierung von CERTs (Computer Emergency Response Teams) und Warnsystemen," in 8. Sicherheits-Konferenz Krems, 2010. BibTeX
    @INPROCEEDINGS{Hellwig2010Kategorisierung,
      Author = {Otto Hellwig},
      title = {Kategorisierung von CERTs (Computer Emergency Response Teams) und Warnsystemen},
      booktitle = {8. Sicherheits-Konferenz Krems},
      year = {2010},
      month = {0},
      }
  • Clemens Kolbitsch and Christopher Kruegel and Engin Kirda, "Extending Mondrian Memory Protection," in NATO RTO IST-091 Symposium, 2010. BibTeX
    @INPROCEEDINGS{Kolbitsch_Extending_Mondrian_Memory_Prot_2010,
      Author = {Clemens Kolbitsch and Christopher Kruegel and Engin Kirda},
      title = {Extending Mondrian Memory Protection},
      booktitle = {NATO RTO IST-091 Symposium},
      year = {2010},
      month = {4},
      }
  • Kaan Onarlioglu and Leyla Bilge and Andrea Lanzi and Davide Balzarotti and Engin Kirda, "G-Free: Defeating Return-Oriented Programming through Gadget-less Binaries," in 26th Annual Computer Security Applications Conference (ACSAC), 2010. BibTeX
    @INPROCEEDINGS{Onarlioglu_G_Free_Defeating_Return_Orient_2010,
      Author = {Kaan Onarlioglu and Leyla Bilge and Andrea Lanzi and Davide Balzarotti and Engin Kirda},
      title = {G-Free: Defeating Return-Oriented Programming through Gadget-less Binaries},
      booktitle = {26th Annual Computer Security Applications Conference (ACSAC)},
      year = {2010},
      month = {12},
      }
  • Gianluca Stringhini and Christopher Kruegel and Giovanni Vigna, "Detecting Spammers On Social Networks," in 26th Annual Computer Security Applications Conference (ACSAC), 2010. BibTeX
    @INPROCEEDINGS{Stringhini_Detecting_Spammers_On_Social_N_2010,
      Author = {Gianluca Stringhini and Christopher Kruegel and Giovanni Vigna},
      title = {Detecting Spammers On Social Networks},
      booktitle = {26th Annual Computer Security Applications Conference (ACSAC)},
      year = {2010},
      month = {12},
      }
  • Mark Guttenbrunner and Jan Wieners and Andreas Rauber and Manfred Thaller, "Same Same But Different Comparing Rendering Environments for Interactive Digital Objects," in Proceedings of the Third international conference on Digital heritage – EuroMed 10, 2010. BibTeX
    @INPROCEEDINGS{Guttenbrunner_Same_Same_But_Different_Compar_2010,
      Author = {Mark Guttenbrunner and Jan Wieners and Andreas Rauber and Manfred Thaller},
      title = {Same Same But Different Comparing Rendering Environments for Interactive Digital Objects},
      booktitle = {Proceedings of the Third international conference on Digital heritage - EuroMed 10},
      year = {2010},
      month = {11},
      abstract = {Digital cultural heritage in interactive form can take different shapes. It can be either in the form of interactive virtual representations of non-digital objects like buildings or nature, but also as born digital materials like interactive art and video games. To preserve these materials for a long term, we need to perform preservation actions on them. To check the validity of these actions, the original and the preserved form have to be compared. While static information like images or text documents can be migrated to new formats, especially digital objects which are interactive have to be preserved using new rendering environments. In this paper we show how the results of rendering an object in different environments can be compared. We present a workflow with three stages that supports the execution of digital objects in a rendering environment, the application of interactive actions in a standardized way to ensure no deviations due to different interactions, and the XCL Layout processor application that extends the characterized screenshots of the rendering results by adding information about significant areas in the screenshot allowing us to compare the rendering results. We present case studies on interactive fiction and a chess program that show that the approach is valid and that the rendering results can be successfully compared.},
      }
  • Wikan Danar Sunindyo and Stefan Biffl and C. Frühwirth and R. Mordinyi and Thomas Moser and Alexander Schatten and Sebastian Schrittwieser and Edgar R. Weippl, "Defect Detection Using Event-Based Process Analysis in Software Engineering Projects," in 36th Euromicro Conference Software Engineering and Advanced Applications SEAA 2010, 2010. BibTeX
    @INPROCEEDINGS{Sunindyo_Defect_Detection_Using_Event_B_2010,
      Author = {Wikan Danar Sunindyo and Stefan Biffl and C. Frühwirth and R. Mordinyi and Thomas Moser and Alexander Schatten and Sebastian Schrittwieser and {Edgar R.} Weippl},
      title = {Defect Detection Using Event-Based Process Analysis in Software Engineering Projects},
      booktitle = {36th Euromicro Conference Software Engineering and Advanced Applications SEAA 2010},
      year = {2010},
      month = {9},
      }
  • Peter Kieseberg and Manuel Leithner and Martin Schmiedecker and Lindsay Munroe and Sebastian Schrittwieser and Mayank Sinha and Edgar R. Weippl, "QR Code Security," in Fourth International Workshop on Trustworthy Ubiquitous Computing (TwUC 2010), 2010. BibTeX | PDF
    @INPROCEEDINGS{twuc_2010,
      Author = {Peter Kieseberg and Manuel Leithner and Martin Schmiedecker and Lindsay Munroe and Sebastian Schrittwieser and Mayank Sinha and {Edgar R.} Weippl},
      title = {QR Code Security},
      booktitle = {Fourth International Workshop on Trustworthy Ubiquitous Computing (TwUC 2010)},
      year = {2010},
      month = {11},
      pdf = {QR_Code_Security.pdf},
      }
  • Andrea Lanzi and Davide Balzarotti and Christopher Kruegel and Mihai Christodorescu and Engin Kirda, "AccessMiner: Using System-Centric Models for Malware Protection," in 17th ACM Conference on Computer and Communications Security (CCS), 2010. BibTeX
    @INPROCEEDINGS{Lanzi_AccessMiner_Using_System_Centr_2010,
      Author = {Andrea Lanzi and Davide Balzarotti and Christopher Kruegel and Mihai Christodorescu and Engin Kirda},
      title = {AccessMiner: Using System-Centric Models for Malware Protection},
      booktitle = {17th ACM Conference on Computer and Communications Security (CCS)},
      year = {2010},
      month = {10},
      }
  • Mark Strembeck and Jan Mendling, "Generic Algorithms for Consistency Checking of Mutual-Exclusion and Binding Constraints in a Business Process Context," in 18th International Conference on Cooperative Information Systems (CoopIS), 2010. BibTeX
    @INPROCEEDINGS{Strembeck_Generic_Algorithms_for_Consist_2010,
      Author = {Mark Strembeck and Jan Mendling},
      title = {Generic Algorithms for Consistency Checking of Mutual-Exclusion and Binding Constraints in a Business Process Context},
      booktitle = {18th International Conference on Cooperative Information Systems (CoopIS)},
      year = {2010},
      month = {10},
      volume = {6426},
      publisher = {Springer Verlag},
      }
  • Markus Huber and Martin Schmiedecker and Sebastian Schrittwieser and Edgar R. Weippl, "Cheap and Automated Socio-Technical Attacks based on Social Networking Sites," in 3rd Workshop on Artificial Intelligence and Security AISec 10, 2010. BibTeX | PDF
    @INPROCEEDINGS{Huber_Cheap_and_Automated_Socio_Tech_2010,
      Author = {Markus Huber and Martin Schmiedecker and Sebastian Schrittwieser and {Edgar R.} Weippl},
      title = {Cheap and Automated Socio-Technical Attacks based on Social Networking Sites},
      booktitle = {3rd Workshop on Artificial Intelligence and Security AISec 10},
      year = {2010},
      month = {10},
      pdf = {p61huber.pdf},
      }
  • Stefan Brunthaler, "Efficient interpretation using quickening," in Dynamic Languages Symposium 2010 (ACM SIGPLAN Notices), 2010. BibTeX | PDF
    @INPROCEEDINGS{Brunthaler2010Efficient,
      Author = {Stefan Brunthaler},
      title = {Efficient interpretation using quickening},
      booktitle = {Dynamic Languages Symposium 2010 (ACM SIGPLAN Notices)},
      year = {2010},
      month = {10},
      pdf = {dls10.pdf},
      }
  • C. Frühwirth and Stefan Biffl and Alexander Schatten and Sebastian Schrittwieser and Edgar R. Weippl, "Research Challenges in the Security Design and Evaluation of an Engineering Service Bus Platform," in 36th Euromicro Conference Software Engineering and Advanced Applications (SEAA 2010, 2010. BibTeX
    @INPROCEEDINGS{Fruehwirth_Research_Challenges_in_the_Sec_2010,
      Author = {C. Frühwirth and Stefan Biffl and Alexander Schatten and Sebastian Schrittwieser and {Edgar R.} Weippl},
      title = {Research Challenges in the Security Design and Evaluation of an Engineering Service Bus Platform},
      booktitle = {36th Euromicro Conference Software Engineering and Advanced Applications (SEAA 2010},
      year = {2010},
      month = {9},
      }
  • Farman Ali Khan and Sabine Graf and Edgar R. Weippl and A Min Tjoa, "Role of Learning Styles and Affective States in Web-based Adaptive Learning Environments," in Proceedings of ED-MEDIA, 2010. BibTeX
    @INPROCEEDINGS{weippl_bzzh_2010_LearningStyles_EDMEDIA,
      Author = {Farman Ali Khan and Sabine Graf and {Edgar R.} Weippl and {A Min} Tjoa},
      title = {Role of Learning Styles and Affective States in Web-based Adaptive Learning Environments},
      booktitle = {Proceedings of ED-MEDIA},
      year = {2010},
      month = {9},
      publisher = {AACE},
      }
  • Nicolas Racz and Andreas Seufert and Edgar R. Weippl, "Questioning the need for separate IT risk management frameworks," in Konferenz Risk Management, Compliance und Governance für widerstandsfähige Informationssysteme, 2010, pp. 245-252. BibTeX
    @INPROCEEDINGS{Weippl_Questioning_the_need_for_separ_2010,
      Author = {Nicolas Racz and Andreas Seufert and {Edgar R.} Weippl},
      title = {Questioning the need for separate IT risk management frameworks},
      booktitle = {Konferenz Risk Management, Compliance und Governance für widerstandsfähige Informationssysteme },
      year = {2010},
      month = {9},
      abstract = {The growing importance of enterprise risk management and the resulting integration efforts put the need for separate IT risk management frameworks in question. In this research we analyse common and distinct elements of the COSO enterprise risk management and ISACA Risk IT frameworks. The analysis affirms the hypothesis that separate IT risk management frameworks are redundant},
      pages = {245-252},
      }
  • Markus Huber and Martin Schmiedecker and Edgar R. Weippl, "Social Networking Sites Security Quo Vadis," in Proceedings of the 1st International Workshop on Privacy Aspects of Social Web and Cloud Computing, 2010. BibTeX
    @INPROCEEDINGS{Huber_Social_Networking_Sites_Securi_2010,
      Author = {Markus Huber and Martin Schmiedecker and {Edgar R.} Weippl},
      title = {Social Networking Sites Security Quo Vadis},
      booktitle = {Proceedings of the 1st International Workshop on Privacy Aspects of Social Web and Cloud Computing},
      year = {2010},
      month = {8},
      }
  • Stefan Brunthaler, "Inline caching meets quickening," in 24th European Conference on Object-Oriented Programming (Lecture Notes in Computer Science), 2010. BibTeX | PDF
    @INPROCEEDINGS{Brunthaler2010Inline,
      Author = {Stefan Brunthaler},
      title = {Inline caching meets quickening},
      booktitle = {24th European Conference on Object-Oriented Programming (Lecture Notes in Computer Science)},
      year = {2010},
      month = {6},
      pdf = {ecoop10.pdf},
      }
  • Alexandra Mazak and Bernhard Schandl and Monika Lanzenberger, "A Heuristic-based Method for Approximating the Mismatch-at-Risk in Schema-based Ontology Alignment," in International Conference on Knowledge Engineering and Ontology Development KEOD, 2010. BibTeX
    @INPROCEEDINGS{Mazak_A_Heuristic_based_Method_for_A_2010,
      Author = {Alexandra Mazak and Bernhard Schandl and Monika Lanzenberger},
      title = {A Heuristic-based Method for Approximating the Mismatch-at-Risk in Schema-based Ontology Alignment},
      booktitle = {International Conference on Knowledge Engineering and Ontology Development KEOD},
      year = {2010},
      month = {10},
      abstract = {Frequently, ontologies based on the same domain are similar but also have many differences, which are known as heterogeneity. The alignment of entities which are not meant to be used in the same context, or which follow different modeling conventions, may cause mismatch in ontology alignment. End-users would benefit from knowing the risk level of mismatch between ontologies prior to starting a time- and cost-intensive procedure. With our heuristic-based method we propose to consider the general application context of a modeled domain (the modeling context) in order to enhance the user support in schema-based alignment. In the method first part, ontology concepts are enriched with weighting meta-information, resulting from two indicators: importance weighting indicator and importance outdegree indicator. These indicators contain model- and graph-based information and can be observed and measured at the schema level of an ontology. Possible heterogeneity-risk factors are encoded in these weightings and are exploitable later in the alignment process. The output of the first part of our approach are lists of importance indicators for each ontology concept in the role of a domain class. These can be used by end-users to get a quick and context-based overview of the source ontologies. They further help to detect the core concepts or efficient initial points. In the second part, the candidate sample for our mismatch-risk model bases on external user input by manually identifying concepts between the lists of each source ontology. This strategy of a manually conducted concept selection minimizes a possible structural falsification induced by other methods. The heterogeneity risk among the concepts importance indicator values is measured as standard deviation over the candidate sample. Afterwards these measured values are aggregated, and a heterogeneity coefficient is calculated. On the basis of this risk factor the mismatch-at-risk (MaR) between ontologies can be approximated as a threshold value for schema-based ontology alignment.},
      }
  • Marco Cova and Christopher Kruegel and Giovanni Vigna, "Detection and Analysis of Drive-by-Download Attacks and Malicious JavaScript Code," in International World Wide Web Conference (WWW), 2010. BibTeX
    @INPROCEEDINGS{Cova_Detection_and_Analysis_of_Driv_2010,
      Author = {Marco Cova and Christopher Kruegel and Giovanni Vigna},
      title = {Detection and Analysis of Drive-by-Download Attacks and Malicious JavaScript Code},
      booktitle = {International World Wide Web Conference (WWW)},
      year = {2010},
      month = {4},
      }
  • David Huemer and A Min Tjoa and Benjamin Böck, "Towards more Trustable Log Files for Digital Forensics by Means of Trusted Computing," in Proceedings of the 24th International Conference on Advanced Information Networking and Applications (AINA 2010), 2010. BibTeX
    @INPROCEEDINGS{huemer_2010_towardsMoreTrustableLogFiles,
      Author = {David Huemer and {A Min} Tjoa and Benjamin Böck},
      title = {Towards more Trustable Log Files for Digital Forensics by Means of Trusted Computing },
      booktitle = {Proceedings of the 24th International Conference on Advanced Information Networking and Applications (AINA 2010)},
      year = {2010},
      month = {4},
      }
  • Peter Fruehwirt and Markus Huber and Martin Schmiedecker and Edgar R. Weippl, "InnoDB Database Forensics," in Proceedings of the 24th International Conference on Advanced Information Networking and Applications, 2010. BibTeX | PDF
    @INPROCEEDINGS{Huber_InnoDB_Database_Forensics_2010,
      Author = {Peter Fruehwirt and Markus Huber and Martin Schmiedecker and {Edgar R.} Weippl},
      title = {InnoDB Database Forensics},
      booktitle = {Proceedings of the 24th International Conference on Advanced Information Networking and Applications},
      year = {2010},
      month = {4},
      pdf = {AINA2010-InnoDBforensics_preprint.pdf},
      }
  • Stefan Brunthaler, "Efficient inline caching without dynamic translation," in 2010 ACM Symposium on Applied Computing(SAC 2010), 2010. BibTeX | PDF
    @INPROCEEDINGS{Brunthaler2010SAC,
      Author = {Stefan Brunthaler},
      title = {Efficient inline caching without dynamic translation},
      booktitle = {2010 ACM Symposium on Applied Computing(SAC 2010)},
      year = {2010},
      month = {3},
      pdf = {sac10.pdf},
      publisher = {ACM Press},
      }
  • Kathrin Figl and Jan Mendling and Mark Strembeck and Jan Recker, "On the Cognitive Effectiveness of Routing Symbols in Process Modeling Languages," in 13th International Conference on Business Information Systems (BIS), 2010. BibTeX
    @INPROCEEDINGS{Figl_On_the_Cognitive_Effectiveness_2010,
      Author = {Kathrin Figl and Jan Mendling and Mark Strembeck and Jan Recker},
      title = {On the Cognitive Effectiveness of Routing Symbols in Process Modeling Languages},
      booktitle = {13th International Conference on Business Information Systems (BIS)},
      year = {2010},
      month = {5},
      }
  • Stefan Jakoubi and Simon Tjoa and Sigrun Goluch and Gerhard Kitzler, "Risk-Aware Business Process Management: Establishing the Link Between Business and Security," in Complex Intelligent Systems and Their Applications, 2010, pp. 109-135. BibTeX | PDF
    @INPROCEEDINGS{Jakoubi_CISTA_2010,
      Author = {Stefan Jakoubi and Simon Tjoa and Sigrun Goluch and Gerhard Kitzler},
      title = {Risk-Aware Business Process Management: Establishing the Link Between Business and Security},
      booktitle = {Complex Intelligent Systems and Their Applications},
      year = {2010},
      month = {1},
      pdf = {Jakoubi_CISTA_2010.pdf},
      volume = {41},
      pages = {109-135},
      publisher = {Springer New York},
      }
  • Stefan Fenz, "Ontology-based Generation of IT-Security Metrics," in Proceedings of the 2010 ACM Symposium on Applied Computing, 2010, pp. 1833-1839. BibTeX
    @INPROCEEDINGS{Fenz2010,
      Author = {Stefan Fenz},
      title = {Ontology-based Generation of {IT}-Security Metrics},
      booktitle = {Proceedings of the 2010 ACM Symposium on Applied Computing},
      year = {2010},
      month = {1},
      pages = {1833-1839},
      publisher = {ACM},
      }
  • Stefan Jakoubi and Simon Tjoa and Sigrun Goluch and Gerhard Kitzler, "A Formal Approach Towards Risk-Aware Service Level Analysis and Planning," in 2010 International Conference on Availability, Reliability and Security, 2010, pp. 180-187. BibTeX
    @INPROCEEDINGS{Tjoa_A_Formal_Approach_Towards_Risk_2010,
      Author = {Stefan Jakoubi and Simon Tjoa and Sigrun Goluch and Gerhard Kitzler},
      title = {A Formal Approach Towards Risk-Aware Service Level Analysis and Planning},
      booktitle = {2010 International Conference on Availability, Reliability and Security},
      year = {2010},
      month = {2},
      pages = {180-187},
      }
  • Tobias Lauinger and Veikko Pankakoski and Davide Balzarotti and Engin Kirda, "Honeybot, Your Man in the Middle for Automated Social Engineering," in Proceedings of the 3rd USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET 2010), 2010. BibTeX | PDF
    @INPROCEEDINGS{Lauinger_Honeybot2010,
      Author = {Tobias Lauinger and Veikko Pankakoski and Davide Balzarotti and Engin Kirda},
      title = {Honeybot, Your Man in the Middle for Automated Social Engineering},
      booktitle = {Proceedings of the 3rd USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET 2010)},
      year = {2010},
      month = {4},
      pdf = {autosoc-leet2010.pdf},
      }
  • Manuel Egele and Leyla Bilge and Engin Kirda and Christopher Kruegel, "CAPTCHA Smuggling: Hijacking Web Browsing Sessions to Create CAPTCHA Farms," in 25th Symposium On Applied Computing (SAC), Track on Information Security Research and Applications,, 2010. BibTeX
    @INPROCEEDINGS{Egele_CAPTCHASmugglingHijacking_2010,
      Author = {Manuel Egele and Leyla Bilge and Engin Kirda and Christopher Kruegel},
      title = {CAPTCHA Smuggling: Hijacking Web Browsing Sessions to Create CAPTCHA Farms},
      booktitle = {25th Symposium On Applied Computing (SAC), Track on Information Security Research and Applications,},
      year = {2010},
      month = {3},
      }
  • Amirreza Tahamtan and Amin Anjomshoaa and Edgar R. Weippl and A Min Tjoa, "A SOM-Based Technique for a User-Centric Content Extraction and Classification of Web 2.0 with a Special Consideration of Security Aspects," in Proc. of 4th International Conference on Knowledge Science, Engineering & Management (KSEM’10), 2010. BibTeX
    @INPROCEEDINGS{Tahamtan_A_SOM_Based_Technique_for_a_Us_2010,
      Author = {Amirreza Tahamtan and Amin Anjomshoaa and {Edgar R.} Weippl and {A Min} Tjoa},
      title = {A SOM-Based Technique for a User-Centric Content Extraction and Classification of Web 2.0 with a Special Consideration of Security Aspects},
      booktitle = {Proc. of 4th International Conference on Knowledge Science, Engineering & Management (KSEM'10)},
      year = {2010},
      month = {9},
      note = {According to Aminwithin Reporting Timeframe},
      }
  • Ulrich Bayer and Engin Kirda and Christopher Kruegel, "Improving the Efficiency of Dynamic Malware Analysis," in 25th Symposium On Applied Computing (SAC), Track on Information Security Research and Applications, 2010. BibTeX | PDF
    @INPROCEEDINGS{Bayer_ImprovingEfficiencyof_2010,
      Author = {Ulrich Bayer and Engin Kirda and Christopher Kruegel},
      title = {Improving the Efficiency of Dynamic Malware Analysis},
      booktitle = {25th Symposium On Applied Computing (SAC), Track on Information Security Research and Applications},
      year = {2010},
      month = {3},
      pdf = {Bayer_ImprovingEfficiencyof_2010.pdf},
      note = {Lusanne, Switzerland},
      }
  • Nicolas Racz and Edgar R. Weippl and Andreas Seufert, "A Frame of Reference for Research of Integrated Governance, Risk and Compliance (GRC)," in Proceedings of IFIP CMS 2010, 2010. BibTeX
    @INPROCEEDINGS{weippl_bzze_2010_CMS_Racz,
      Author = {Nicolas Racz and {Edgar R.} Weippl and Andreas Seufert},
      title = {A Frame of Reference for Research of Integrated Governance, Risk and Compliance (GRC)},
      booktitle = {Proceedings of IFIP CMS 2010},
      year = {2010},
      month = {3},
      publisher = {Springer LNCS},
      }
  • Johannes Heurix and Thomas Neubauer, "A Roadmap for personal identity management," in Fifth International Conference on Systems, 2010, pp. 134-139. BibTeX
    @INPROCEEDINGS{Neubauer_A_Roadmap_for_personal_identit_2010,
      Author = {Johannes Heurix and Thomas Neubauer},
      title = {A Roadmap for personal identity management},
      booktitle = {Fifth International Conference on Systems},
      year = {2010},
      month = {4},
      pages = {134-139},
      }
  • Hannes Obweger and Martin Suntinger and Josef Schiefer and Gunther Raidl, "Similarity Searching in Sequences of Complex Events," in Proceedings of the 4th International Conference on Research Challenges in Information Science (RCIS’10), 2010. BibTeX
    @INPROCEEDINGS{Obweger_Similarity_Searching_in_Sequen_2010,
      Author = {Hannes Obweger and Martin Suntinger and Josef Schiefer and Gunther Raidl},
      title = {Similarity Searching in Sequences of Complex Events},
      booktitle = {Proceedings of the 4th International Conference on Research Challenges in Information Science (RCIS'10)},
      year = {2010},
      month = {5},
      }
  • Philip Limbeck and Martin Suntinger and Josef Schiefer, "SARI OpenRec – Empowering Recommendation Systems with Business Events," in Proceedings of the Second International Conference on Advances in Databases, Knowledge and Data Applications (DBKDA’10), 2010. BibTeX
    @INPROCEEDINGS{Limbeck_SARI_OpenRec_Empowering_Recomm_2010,
      Author = {Philip Limbeck and Martin Suntinger and Josef Schiefer},
      title = {SARI OpenRec - Empowering Recommendation Systems with Business Events},
      booktitle = {Proceedings of the Second International Conference on Advances in Databases, Knowledge and Data Applications (DBKDA'10)},
      year = {2010},
      month = {4},
      }
  • Simon Tjoa and Stefan Jakoubi and Sigrun Goluch and Gerhard Kitzler, "Planning Dynamic Activity and Resource Allocations Using a Risk-Aware Business Process Management Approach," in 2010 International Conference on Availability, Reliability and Security, 2010, pp. 268-274. BibTeX | PDF
    @INPROCEEDINGS{Tjoa_Planning_Dynamic_Activity_and__2010,
      Author = {Simon Tjoa and Stefan Jakoubi and Sigrun Goluch and Gerhard Kitzler},
      title = {Planning Dynamic Activity and Resource Allocations Using a Risk-Aware Business Process Management Approach},
      booktitle = {2010 International Conference on Availability, Reliability and Security},
      year = {2010},
      month = {2},
      pdf = {Tjoa_ARES2010_dynamic.pdf},
      pages = {268-274},
      }
  • Heinz Roth and Josef Schiefer and Hannes Obweger and Szabolcs Rozsnyai, "Event Data Warehousing for Complex Event Processing," in Proceedings of the 4th International Conference on Research Challenges in Information Science (RCIS’10), 2010. BibTeX
    @INPROCEEDINGS{Schiefer_Event_Data_Warehousing_for_Com_2010,
      Author = {Heinz Roth and Josef Schiefer and Hannes Obweger and Szabolcs Rozsnyai},
      title = {Event Data Warehousing for Complex Event Processing},
      booktitle = {Proceedings of the 4th International Conference on Research Challenges in Information Science (RCIS'10)},
      year = {2010},
      month = {5},
      }
  • Marco Balduzzi and Manuel Egele and Engin Kirda and Davide Balzarotti and Christopher Kruegel, "A Solution for the Automated Detection of Clickjacking Attacks," in ASIACCS, 2010. BibTeX
    @INPROCEEDINGS{Balduzzi_A_Solution_for_the_Automated_D_2010,
      Author = {Marco Balduzzi and Manuel Egele and Engin Kirda and Davide Balzarotti and Christopher Kruegel},
      title = {A Solution for the Automated Detection of Clickjacking Attacks},
      booktitle = {ASIACCS},
      year = {2010},
      month = {4},
      }
  • William K Robertson and Federico Maggi and Christopher Kruegel and Giovanni Vigna, "Effective Anomaly Detection with Scarce Training Data," in Network and Distributed System Security Symposium (NDSS 2010), 2010. BibTeX
    @INPROCEEDINGS{Robertson_Effective_Anomaly_Detection_wi_2010,
      Author = {William K Robertson and Federico Maggi and Christopher Kruegel and Giovanni Vigna},
      title = {Effective Anomaly Detection with Scarce Training Data},
      booktitle = {Network and Distributed System Security Symposium (NDSS 2010)},
      year = {2010},
      month = {2},
      }
  • Thomas Neubauer and Markus Pehn, "Workshop-based Risk Assessment for the Definition of Secure Business Processes (best paper award)," in Second International Conference on Information, Process, and Knowledge Management, 2010, pp. 74-79. BibTeX
    @INPROCEEDINGS{Neubauer_Workshop_based_Risk_Assessment_2010,
      Author = {Thomas Neubauer and Markus Pehn},
      title = {Workshop-based Risk Assessment for the Definition of Secure Business Processes (best paper award)},
      booktitle = {Second International Conference on Information, Process, and Knowledge Management},
      year = {2010},
      month = {2},
      pages = {74-79},
      note = {BIB says rated as B but no such event found in list},
      }
  • Clemens Kolbitsch and Thorsten Holz and Christopher Kruegel and Engin Kirda, "Inspector Gadget: Automated Extraction of Proprietary Gadgets from Malware Binaries," in IEEE Security and Privacy 2010, 2010. BibTeX
    @INPROCEEDINGS{Kolbitsch_AutomatedExtraction_2010,
      Author = {Clemens Kolbitsch and Thorsten Holz and Christopher Kruegel and Engin Kirda},
      title = {Inspector Gadget: Automated Extraction of Proprietary Gadgets from Malware Binaries},
      booktitle = {IEEE Security and Privacy 2010},
      year = {2010},
      month = {1},
      }
  • Martin Suntinger and Hannes Obweger and Josef Schiefer and Philip Limbeck and Gunther Raidl, "Trend-Based Similarity Search in Time-Series Data," in Proceedings of the Second International Conference on Advances in Databases, Knowledge and Data Applications (DBKDA’10), 2010. BibTeX
    @INPROCEEDINGS{Suntinger_Trend_Based_Similarity_Search__2010,
      Author = {Martin Suntinger and Hannes Obweger and Josef Schiefer and Philip Limbeck and Gunther Raidl},
      title = {Trend-Based Similarity Search in Time-Series Data},
      booktitle = {Proceedings of the Second International Conference on Advances in Databases, Knowledge and Data Applications (DBKDA'10)},
      year = {2010},
      month = {4},
      }
  • Steffen Kunz and Sergei Evdokimov and Benjamin Fabian and Bernd Stieger and Mark Strembeck, "Role-Based Access Control for Information Federations in the Industrial Service Sector," in 18th European Conference on Information Systems (ECIS), 2010. BibTeX
    @INPROCEEDINGS{Kunz_Role_Based_Access_Control_for__2010,
      Author = {Steffen Kunz and Sergei Evdokimov and Benjamin Fabian and Bernd Stieger and Mark Strembeck},
      title = {Role-Based Access Control for Information Federations in the Industrial Service Sector},
      booktitle = {18th European Conference on Information Systems (ECIS)},
      year = {2010},
      month = {6},
      abstract = {Information federations promise an enhanced collaboration between individual stakeholders in the life cycle of commercial products, including software and hardware products from arbitrary business sectors. However, information sharing across corporate borders must be controlled by tailored mechanisms for enforcing individual business confidentiality and integrity requirements. One influential current security paradigm to achieve this goal is the application of Role-Based Access Control (RBAC). Based on ongoing work in the Aletheia project on service-oriented information federation, we present a case study on applying RBAC for information sharing among multiple stakeholders in the industrial service sector. We place a special emphasis on the methodical, tool-supported elicitation and definition of RBAC policies in this environment. In addition, we use the eXtensible Access Control Markup Language (XACML) to transfer RBAC policies between the different nodes in information federations. Further, we present a corresponding security architecture in which those XACML policies are applied for authorization decision and enforcement. The case study was conducted in cooperation with ABB, a large company providing},
      }
  • Engin Kirda and Ulrich Bayer and Corrado Leita, "Exploiting diverse observation perspectives to get insights on the malware landscape," in Dependable Systems and Networks (DSN) 2010 IEEE IFIP International Conference on, 2010, pp. 393-402. BibTeX | PDF
    @INPROCEEDINGS{leita2010exploiting,
      Author = {Engin Kirda and Ulrich Bayer and Corrado Leita},
      title = {Exploiting diverse observation perspectives to get insights on the malware landscape},
      booktitle = {Dependable Systems and Networks (DSN) 2010 IEEE IFIP International Conference on},
      year = {2010},
      month = {1},
      pdf = {dsn2010.pdf},
      pages = {393--402},
      }
  • Stefan Fenz, "From the Resource to the Business Process Risk Level," in Proceedings of the South African Information Security Multi-Conference (SAISMC’2010), 2010, pp. 100-109. BibTeX | PDF
    @INPROCEEDINGS{fenz2010resource,
      Author = {Stefan Fenz},
      title = {From the Resource to the Business Process Risk Level},
      booktitle = {Proceedings of the South African Information Security Multi-Conference (SAISMC'2010)},
      year = {2010},
      month = {1},
      pdf = {fenz2010resource.pdf},
      pages = {100--109},
      }
  • Markus Huber and Martin Schmiedecker and Edgar R. Weippl, "Tor HTTP usage and information leakage," in Proceedings of IFIP CMS 2010, 2010, pp. 245-255. BibTeX | PDF
    @INPROCEEDINGS{Mulazzani_Tor_HTTP_usage_and_information_2010,
      Author = {Markus Huber and Martin Schmiedecker and {Edgar R.} Weippl},
      title = {Tor HTTP usage and information leakage},
      booktitle = {Proceedings of IFIP CMS 2010},
      year = {2010},
      month = {5},
      pdf = {2010 - Huber - Tor HTTP Usage.pdf},
      pages = {245-255},
      }
  • Davide Balzarotti and Marco Cova and Christoph Karlberger and Christopher Kruegel and Engin Kirda and Giovanni Vigna, "Efficient Detection of Split Personalities in Malware," in 17th Annual Network and Distributed System Security Symposium (NDSS 2010), 2010. BibTeX
    @INPROCEEDINGS{Balzarotti_Efficient_Detection_of_Split_P_2010,
      Author = {Davide Balzarotti and Marco Cova and Christoph Karlberger and Christopher Kruegel and Engin Kirda and Giovanni Vigna},
      title = {Efficient Detection of Split Personalities in Malware},
      booktitle = {17th Annual Network and Distributed System Security Symposium (NDSS 2010)},
      year = {2010},
      month = {2},
      }
  • Peter Kalchgruber and Edgar R. Weippl, "Can end-to-end verifiable e-voting be explained easily?," in Proceedings of the 11th International Conference on Information Integration and Web-based Applications & Services (iiWAS), 2009. BibTeX | PDF
    @INPROCEEDINGS{_Can_end_to_end_verifiable_e_vo_2009,
      Author = {Peter Kalchgruber and {Edgar R.} Weippl},
      title = {Can end-to-end verifiable e-voting be explained easily?},
      booktitle = {Proceedings of the 11th International Conference on Information Integration and Web-based Applications & Services (iiWAS)},
      year = {2009},
      month = {12},
      pdf = {p572-kalchgruber.pdf},
      acm = {351868},
      }
  • Andreas Ekelhart and Stefan Fenz and Thomas Neubauer, "Ontologiebasiertes IT Risikomanagement," in D.A.CH Security 2009, 2009, pp. 14-24. BibTeX | PDF
    @INPROCEEDINGS{Ekelhart2009Ontologiebasiertes,
      Author = {Andreas Ekelhart and Stefan Fenz and Thomas Neubauer},
      title = {Ontologiebasiertes IT Risikomanagement},
      booktitle = {D.A.CH Security 2009},
      year = {2009},
      month = {1},
      pdf = {2009 - Ekelhart - Ontologiebasiertes IT Risikomanagement.pdf},
      pages = {14--24},
      publisher = {Syssec},
      }
  • Stefan Fenz and Andreas Ekelhart, "Formalizing Information Security Knowledge," in Proceedings of the 4th ACM Symposium on Information, Computer, and Communications Security, 2009, pp. 183-194. BibTeX
    @INPROCEEDINGS{Fenz_FormalizingInformationSecurity_2009,
      Author = {Stefan Fenz and Andreas Ekelhart},
      title = {Formalizing Information Security Knowledge},
      booktitle = {Proceedings of the 4th ACM Symposium on Information, Computer, and Communications Security},
      year = {2009},
      month = {1},
      abstract = {Unified and formal knowledge models of the information security domain are fundamental requirements for supporting and enhancing existing risk management approaches. This paper describes a security ontology which provides an ontological structure for information security domain knowledge. Besides existing best-practice guidelines such as the German IT Grundschutz Manual also concrete knowledge of the considered organization is incorporated. An evaluation conducted by an information security expert team has shown that this knowledge model can be used to support a broad range of information security risk management approaches.},
      pages = {183-194},
      publisher = {ACM},
      note = {978-1-60558-394-5},
      }
  • Severin Winkler and Christian Proschinger, "Collaborative Penetration Testing," in 9. Internationale Tagung Wirtschaftsinformatik (Kurztitel Wi 2009), 2009. BibTeX | PDF
    @INPROCEEDINGS{Winkler_CollaborativePenetrationTesting_2009,
      Author = {Severin Winkler and Christian Proschinger},
      title = {Collaborative Penetration Testing},
      booktitle = {9. Internationale Tagung Wirtschaftsinformatik (Kurztitel Wi 2009)},
      year = {2009},
      month = {1},
      pdf = {Winkler_CollaborativePenetrationTesting_2009.pdf},
      }
  • Edgar R. Weippl and Mohammad Tabatabai Irani, "Automation Of Post-Exploitation," in Proceedings of International Conference on Security Technology (SecTech 2009), 2009. BibTeX | PDF
    @INPROCEEDINGS{TabatabaiIrani_AutomationOfPostExploitation_2009,
      Author = {{Edgar R.} Weippl and Mohammad {Tabatabai Irani}},
      title = {Automation Of Post-Exploitation},
      booktitle = {Proceedings of International Conference on Security Technology (SecTech 2009)},
      year = {2009},
      month = {1},
      pdf = {TabatabaiIrani_AutomationOfPostExploitation_2009.pdf},
      publisher = {Springer LNCS},
      }
  • Andreas Ekelhart and Mathias Kolb, "An Evaluation of Technologies for the Pseudonymization of Medical Data," in Proceedings of the ACM Symposium on Applied Computing, 2009. BibTeX
    @INPROCEEDINGS{Neubauer_EvaluationofTechnologies_2009a,
      Author = {Andreas Ekelhart and Mathias Kolb},
      title = {An Evaluation of Technologies for the Pseudonymization of Medical Data},
      booktitle = {Proceedings of the ACM Symposium on Applied Computing},
      year = {2009},
      month = {1},
      }
  • Gernot Goluch and Simon Tjoa and Thomas Neubauer and Stefan Jakoubi and Martin Wisser, "A Process Model for RFID based Business Process Analysis," in APSCC, 2009. BibTeX
    @INPROCEEDINGS{Neubauer_ProcessModelRFID_2009,
      Author = {Gernot Goluch and Simon Tjoa and Thomas Neubauer and Stefan Jakoubi and Martin Wisser},
      title = {A Process Model for RFID based Business Process Analysis},
      booktitle = {APSCC},
      year = {2009},
      month = {1},
      }
  • Martin Schmiedecker and Edgar R. Weippl, "Aktuelle Herausforderungen in der Datenbankforensik," in 7th Information Security Konferenz in Krems, 2009. BibTeX | PDF
    @INPROCEEDINGS{Mulazzani_AktuelleHerausforderungenin_2009,
      Author = {Martin Schmiedecker and {Edgar R.} Weippl},
      title = {Aktuelle Herausforderungen in der Datenbankforensik},
      booktitle = {7th Information Security Konferenz in Krems},
      year = {2009},
      month = {1},
      pdf = {Mulazzani_AktuelleHerausforderungenin_2009.pdf},
      publisher = {OCG Austrian Computer Society, Krems},
      }
  • Stefan Jakoubi and Simon Tjoa and Gernot Goluch and Gerald Quirchmayr, "A Survey of Scientific Approaches Considering the Integration of Security and Risk Aspects into Business Process Management," in International Workshop on Database and Expert Systems Applications, 2009, pp. 127-132. BibTeX | PDF
    @INPROCEEDINGS{Jakoubi_SurveyofScientific_2009,
      Author = {Stefan Jakoubi and Simon Tjoa and Gernot Goluch and Gerald Quirchmayr},
      title = {A Survey of Scientific Approaches Considering the Integration of Security and Risk Aspects into Business Process Management},
      booktitle = {International Workshop on Database and Expert Systems Applications},
      year = {2009},
      month = {1},
      pdf = {Jakoubi_SurveyofScientific_2009.pdf},
      pages = {127--132},
      publisher = {IEEE Computer Society},
      }
  • Thomas Neubauer and Christian Hartl, "On the singularity of valuating IT security investments," in IEEE/ACIS International Conference on Computer and Information Science, 2009, pp. 549-556. BibTeX
    @INPROCEEDINGS{Neubauer_singularityofvaluating_2009,
      Author = {Thomas Neubauer and Christian Hartl},
      title = {On the singularity of valuating IT security investments},
      booktitle = {IEEE/ACIS International Conference on Computer and Information Science},
      year = {2009},
      month = {1},
      pages = {549 - 556},
      }
  • Andreas Ekelhart and Thomas Neubauer and Stefan Fenz, "Automated Risk and Utility Management," in 2009 Sixth International Conference on Information Technology: New Generations, 2009, pp. 393-398. BibTeX | PDF
    @INPROCEEDINGS{Ekelhart_AutomatedRiskand_2009,
      Author = {Andreas Ekelhart and Thomas Neubauer and Stefan Fenz},
      title = {Automated Risk and Utility Management},
      booktitle = {2009 Sixth International Conference on Information Technology: New Generations},
      year = {2009},
      month = {1},
      pdf = {2009 - Ekelhart - Automated Risk and Utility Management.pdf},
      pages = {393-398},
      publisher = {IEEE Computer Society},
      }
  • Markus Huber and Stewart Kowalski and Marcus Nohlberg and Simon Tjoa, "Towards Automating Social Engineering Using Social Networking Sites," in Computational Science and Engineering, IEEE International Conference on, 2009, pp. 117-124. BibTeX | PDF
    @INPROCEEDINGS{Huber_TowardsAutomatingSocial_2009,
      Author = {Markus Huber and Stewart Kowalski and Marcus Nohlberg and Simon Tjoa},
      title = {Towards Automating Social Engineering Using Social Networking Sites},
      booktitle = {Computational Science and Engineering, IEEE International Conference on},
      year = {2009},
      month = {1},
      pdf = {2009 - Huber - Towards Automating Social Engineering Using Social Networking Sites.pdf},
      volume = {3},
      pages = {117--124},
      publisher = {IEEE Computer Society},
      }
  • Johannes Heurix and Thomas Neubauer and Thomas Mueck, "Zentralisierte Pseudonymisierung von medizinischen Patientendaten," in Tagungsband e-Health 2009, 2009. BibTeX
    @INPROCEEDINGS{Heurix_ZentralisiertePseudonymisierungvon_2009,
      Author = {Johannes Heurix and Thomas Neubauer and Thomas Mueck},
      title = {Zentralisierte Pseudonymisierung von medizinischen Patientendaten},
      booktitle = {Tagungsband e-Health 2009},
      year = {2009},
      month = {1},
      }
  • Johannes Heurix and Thomas Neubauer, "Massenpseudonymisierung von persönlichen medizinischen Daten," in DACH Security, 2009. BibTeX
    @INPROCEEDINGS{Heurix_Massenpseudonymisierungvonpersoenlichen_2009,
      Author = {Johannes Heurix and Thomas Neubauer},
      title = {Massenpseudonymisierung von pers{\"o}nlichen medizinischen Daten},
      booktitle = {DACH Security},
      year = {2009},
      month = {1},
      }
  • A Min Tjoa and Stefan Fenz and Marcus Hudec, "Ontology-based Generation of Bayesian Networks," in International Conference on Complex, Intelligent and Software Intensive Systems, 2009. CISIS ’09., 2009, pp. 712-717. BibTeX | PDF
    @INPROCEEDINGS{Fenz_OntologybasedGenerationof_2009,
      Author = {{A Min} Tjoa and Stefan Fenz and Marcus Hudec},
      title = {Ontology-based Generation of {Bayesian} Networks},
      booktitle = {International Conference on Complex, Intelligent and Software Intensive Systems, 2009. CISIS '09.},
      year = {2009},
      month = {1},
      abstract = {Bayesian networks are indispensable for determining the probability of events which are influenced by various components. Bayesian probabilities encode degrees of belief about certain events and a dynamic knowledge body is used to strengthen, update, or weaken these assumptions. The creation of Bayesian networks requires at least three challenging tasks: (i) the determination of relevant influence factors, (ii) the determination of relationships between the identified influence factors, and (iii) the calculation of the conditional probability tables for each node in the Bayesian network. Based on existing domain ontologies, we propose a method for the ontology-based generation of Bayesian networks. The ontology is used to provide the necessary knowledge about relevant influence factors, their relationships, their weights, and the scale which represents potential states of the identified influence factors. The developed method enables, based on existing ontologies, the semi-automatic generation and alternation of Bayesian networks.},
      pdf = {2009 - Fenz - Ontology-based Generation of Bayesian Networks.pdf},
      pages = {712-717},
      publisher = {IEEE Computer Society},
      }
  • Stefan Fenz and Thomas Neubauer, "How to Determine Threat Probabilities Using Ontologies and Bayesian Networks," in CSIIRW 09: Proceedings of the 5th Annual Workshop on Cyber Security and Information Intelligence Research, 2009. BibTeX
    @INPROCEEDINGS{Fenz_HowtoDetermine_2009,
      Author = {Stefan Fenz and Thomas Neubauer},
      title = {How to Determine Threat Probabilities Using Ontologies and Bayesian Networks},
      booktitle = {CSIIRW 09: Proceedings of the 5th Annual Workshop on Cyber Security and Information Intelligence Research},
      year = {2009},
      month = {1},
      abstract = {The subjective threat probability determination is one of the main reasons for an inadequate information security strategy endangering the organization in performing its mission. To address the problem this research project proposes an ontology- and Bayesian-based approach for determining asset-specific and comprehensible threat probabilities. The elaborated concepts enable risk managers to comprehensibly quantify the current security status of their organization.},
      publisher = {ACM},
      }
  • Stefan Fenz and Andreas Ekelhart and Thomas Neubauer, "Business Process-based Resource Importance Determination," in Proceedings of the 7th International Conference on Business Process Management (BPM 2009), 2009, pp. 113-127. BibTeX
    @INPROCEEDINGS{Fenz_BusinessProcessbasedResource_2009,
      Author = {Stefan Fenz and Andreas Ekelhart and Thomas Neubauer},
      title = {Business Process-based Resource Importance Determination},
      booktitle = {Proceedings of the 7th International Conference on Business Process Management (BPM 2009)},
      year = {2009},
      month = {1},
      abstract = {Information security risk management (ISRM) heavily depends on realistic impact values representing the resources importance in the overall organizational context. Although a variety of ISRM approaches have been proposed, well-founded methods that provide an answer to the following question are still missing: How can business processes be used to determine resources importance in the overall organizational context? We answer this question by measuring the actual importance level of resources based on business processes. Therefore, this paper presents our novel business process-based resource importance determination method which provides ISRM with an efficient and powerful tool for deriving realistic resource importance figures solely from existing business processes. The conducted evaluation has shown that the calculation results of the developed method comply to the results gained in traditional workshop-based assessments.},
      pages = {113-127},
      publisher = {Springer},
      note = {accepted for publication},
      }
  • Simon Tjoa and Thomas Neubauer and Stefan Jakoubi, "A Roadmap to Risk-Aware Business Process Management," in APSCC, 2009. BibTeX
    @INPROCEEDINGS{Jakoubi_RoadmaptoRiskAware_2009,
      Author = {Simon Tjoa and Thomas Neubauer and Stefan Jakoubi},
      title = {A Roadmap to Risk-Aware Business Process Management},
      booktitle = {APSCC},
      year = {2009},
      month = {1},
      }
  • Stefan Jakoubi and Simon Tjoa, "A Reference Model for Risk-Aware Business Process Management," in International Conference on Risks and Security of Internet and Systems, 2009. BibTeX | PDF
    @INPROCEEDINGS{Jakoubi_ReferenceModelRiskAware_2009,
      Author = {Stefan Jakoubi and Simon Tjoa},
      title = {A Reference Model for Risk-Aware Business Process Management},
      booktitle = {International Conference on Risks and Security of Internet and Systems},
      year = {2009},
      month = {1},
      pdf = {Jakoubi_ReferenceModelRiskAware_2009 (2).pdf},
      publisher = {IEEE},
      }
  • Christopher Kruegel and Engin Kirda and Andreas Moser and Kevin Almaroth and Brett Stone-Gross, "FIRE: FInding Rogue nEtworks," in 25th Annual Computer Security Applications Conference (ACSAC), 2009. BibTeX | PDF
    @INPROCEEDINGS{StoneGross_FIREFIndingRogue_2009,
      Author = {Christopher Kruegel and Engin Kirda and Andreas Moser and Kevin Almaroth and Brett Stone-Gross},
      title = {FIRE: FInding Rogue nEtworks},
      booktitle = {25th Annual Computer Security Applications Conference (ACSAC)},
      year = {2009},
      month = {12},
      pdf = {StoneGross_FIREFIndingRogue_2009.pdf},
      }
  • Christopher Kruegel and Engin Kirda and Manuel Egele, "Removing Web Spam Links from Search Engine Results," in 31st International Conference on Software Engineering (ICSE), 2009. BibTeX | PDF
    @INPROCEEDINGS{Egele_RemovingWebSpam_2009,
      Author = {Christopher Kruegel and Engin Kirda and Manuel Egele},
      title = {Removing Web Spam Links from Search Engine Results},
      booktitle = {31st International Conference on Software Engineering (ICSE)},
      year = {2009},
      month = {5},
      pdf = {Egele_RemovingWebSpam_2009.pdf},
      publisher = {IEEE Computer Society},
      note = {Vancouver, Canada},
      }
  • Mark Strembeck and Jan Mendling and Kathrin Figl, "Towards a Usability Assessment of Process Modeling Languages," in 8. GI-Workshop EPK: Geschäftsprozessmanagement mit Ereignisgesteuerten Prozessketten, 2009. BibTeX
    @INPROCEEDINGS{Figl_Towards_a_Usability_Assessment_2009,
      Author = {Mark Strembeck and Jan Mendling and Kathrin Figl},
      title = {Towards a Usability Assessment of Process Modeling Languages},
      booktitle = {8. GI-Workshop EPK: Geschäftsprozessmanagement mit Ereignisgesteuerten Prozessketten},
      year = {2009},
      month = {10},
      }
  • Otto Hellwig, "Schutz kritischer Informations-Infrastrukturen: Vergleich der Policies der USA und der Europäischen Union am Sektor Telekommunikation," in 7. Information Security Konferenz, 2009. BibTeX
    @INPROCEEDINGS{Hellwig2009Schutz,
      Author = {Otto Hellwig},
      title = {Schutz kritischer Informations-Infrastrukturen: Vergleich der Policies der USA und der Europäischen Union am Sektor Telekommunikation},
      booktitle = {7. Information Security Konferenz},
      year = {2009},
      month = {0},
      }
  • Thomas Neubauer, "A Comparison of Security Safeguard Selection Methods," in Proceedings of the 11th International Conference on Enterprise Information Systems, 2009, pp. 320-323. BibTeX
    @INPROCEEDINGS{Neubauer_ComparisonofSecurity_2009,
      Author = {Thomas Neubauer},
      title = {A Comparison of Security Safeguard Selection Methods},
      booktitle = {Proceedings of the 11th International Conference on Enterprise Information Systems},
      year = {2009},
      month = {1},
      pages = {320-323},
      }
  • Stefan Fenz and Andreas Ekelhart and Thomas Neubauer, "Ontologiebasiertes IT Risikomanagement," in D.A.CH Security 2009, 2009, pp. 14-24. BibTeX | PDF
    @INPROCEEDINGS{Ekelhart_OntologiebasiertesITRisikomanagement_2009,
      Author = {Stefan Fenz and Andreas Ekelhart and Thomas Neubauer},
      title = {Ontologiebasiertes IT Risikomanagement},
      booktitle = {D.A.CH Security 2009},
      year = {2009},
      month = {1},
      abstract = {Informationssicherheitsrisikomanagement (Information Security Risk Management, ISRM) stellt einen effizienten Zugang zur Bewertung, Verringerung und Evaluierung von Informationssicherheitsrisiken dar. Bereits bestehende ISRM-Ans{\"a}tze sind weitgehend akzeptiert, setzen jedoch sehr detailliertes Informationssicherheitswissen und genaue Kenntnisse des tats{\"a}chlichen Unternehmensumfeldes voraus. Die inad{\"a}quate Umsetzung von ISRM gef{\"a}hrdet die planm{\"a}{\ss}ige Umsetzung der Unternehmensstrategie und kann zu einer Minderung des Unternehmenswertes f{\"u}hren. Der vorliegende Beitrag pr{\"a}sentiert das AURUM Tool, welches die Schwachstellen bestehender Ans{\"a}tze adressiert und Entscheidungstr{\"a}ger bei der Auswahl eines effizienten IT-Sicherheitsportfolios unter Ber{\"u}cksichtigung organisationsspezifischer, technischer und wirtschaftlicher Anforderungen unterst{\"u}tzt.},
      pdf = {2009 - Ekelhart - Ontologiebasiertes IT Risikomanagement.pdf},
      pages = {14-24},
      publisher = {Syssec},
      }
  • Ulrich Bayer and Paolo Milani Comparetti and Clemens Hlauschek and Christopher Kruegel and Engin Kirda, "Scalable, Behavior-Based Malware Clustering," in Proceedings of the 16th Annual Network and Distributed System Security Symposium (NDSS 2009), 2009. BibTeX | PDF
    @INPROCEEDINGS{Bayer_ScalableBehaviorBasedMalware_2009,
      Author = {Ulrich Bayer and Paolo Milani Comparetti and Clemens Hlauschek and Christopher Kruegel and Engin Kirda},
      title = {Scalable, Behavior-Based Malware Clustering},
      booktitle = {Proceedings of the 16th Annual Network and Distributed System Security Symposium (NDSS 2009)},
      year = {2009},
      month = {1},
      pdf = {Bayer_ScalableBehaviorBasedMalware_2009.pdf},
      }
  • Andreas Ekelhart and Stefan Fenz and Thomas Neubauer, "Ontology-based Decision Support for Information Security Risk Management," in International Conference on Systems, 2009. ICONS 2009., 2009, pp. 80-85. BibTeX | PDF
    @INPROCEEDINGS{Ekelhart_OntologybasedDecisionSupport_2009,
      Author = {Andreas Ekelhart and Stefan Fenz and Thomas Neubauer},
      title = {Ontology-based Decision Support for Information Security Risk Management},
      booktitle = {International Conference on Systems, 2009. ICONS 2009.},
      year = {2009},
      month = {3},
      abstract = {As eBusiness and eCommerce applications are increasingly exposed to a variety of information security threats, corporate decision makers are increasingly forced to pay attention to security issues. Risk management provides an effective approach for measuring the security but existing risk management approaches come with major shortcomings such as the demand for very detailed knowledge about the IT security domain and the actual company environment. This paper presents the implementation of the AURUM methodology into a software solution which addresses the identified shortcomings of existing information security risk management software solutions. Thereby, the presented approach supports decision makers in risk assessment, risk mitigation, and safeguard evaluation.},
      pdf = {2009 - Ekelhart - Ontology-based Decision Support for Information Security Risk Management.pdf},
      pages = {80-85},
      publisher = {IEEE Computer Society},
      }
  • Stefan Fenz and Thomas Pruckner and Arman Manutscheri, "Ontological Mapping of Information Security Best-Practice Guidelines," in Business Information Systems, 12th International Conference on Business Information Systems, BIS 2009, 2009. BibTeX
    @INPROCEEDINGS{Fenz_OntologicalMappingof_2009,
      Author = {Stefan Fenz and Thomas Pruckner and Arman Manutscheri},
      title = {Ontological Mapping of Information Security Best-Practice Guidelines},
      booktitle = {Business Information Systems, 12th International Conference on Business Information Systems, BIS 2009},
      year = {2009},
      month = {4},
      publisher = {Springer Berlin Heidelberg},
      }
  • Christopher Kruegel and Engin Kirda and Manuel Egele, "Mitigating Drive-by Download Attacks: Challenges and Open Problems," in Open Research Problems in Network Security Workshop, 2009. BibTeX | PDF
    @INPROCEEDINGS{Egele_MitigatingDrivebyDownload_2009,
      Author = {Christopher Kruegel and Engin Kirda and Manuel Egele},
      title = {Mitigating Drive-by Download Attacks: Challenges and Open Problems},
      booktitle = {Open Research Problems in Network Security Workshop},
      year = {2009},
      month = {4},
      pdf = {Egele_MitigatingDrivebyDownload_2009.pdf},
      publisher = {iNetSec 2009},
      note = {Zurich},
      }
  • Hannes Obweger and Josef Schiefer and Martin Suntinger, "Correlating Business Events for Event-Triggered Rules," in Proceedings of the 2009 International Symposium on Rule Interchange and Applications (RuleML’09), 2009. BibTeX
    @INPROCEEDINGS{Schiefer_Correlating_Business_Events_fo_2009,
      Author = {Hannes Obweger and Josef Schiefer and Martin Suntinger},
      title = {Correlating Business Events for Event-Triggered Rules},
      booktitle = {Proceedings of the 2009 International Symposium on Rule Interchange and Applications (RuleML'09)},
      year = {2009},
      month = {11},
      }
  • Engin Kirda and Davide Balzarotti and Leyla Bilge and Thorsten Strufe, "All Your Contacts Are Belong to Us: Automated Identity Theft Attacks on Social Networks," in 18th International World Wide Web Conference, 2009. BibTeX | PDF
    @INPROCEEDINGS{Bilge_AllYourContacts_2009,
      Author = {Engin Kirda and Davide Balzarotti and Leyla Bilge and Thorsten Strufe},
      title = {All Your Contacts Are Belong to Us: Automated Identity Theft Attacks on Social Networks},
      booktitle = {18th International World Wide Web Conference},
      year = {2009},
      month = {4},
      pdf = {Bilge_AllYourContacts_2009.pdf},
      publisher = {31st International Conference on Software Engineering IEEE Computer Society, Vancouver, Cana},
      }
  • Andreas Ekelhart and Stefan Fenz and Thomas Neubauer, "AURUM: A Framework for Supporting Information Security Risk Management," in Proceedings of the 42nd Hawaii International Conference on System Sciences, HICSS2009, 2009, pp. 1-10. BibTeX | PDF
    @INPROCEEDINGS{Ekelhart_AURUMFrameworkSupporting_2009,
      Author = {Andreas Ekelhart and Stefan Fenz and Thomas Neubauer},
      title = {AURUM: A Framework for Supporting Information Security Risk Management},
      booktitle = {Proceedings of the 42nd Hawaii International Conference on System Sciences, HICSS2009},
      year = {2009},
      month = {1},
      pdf = {2009 - Ekelhart - AURUM A Framework for Information Security Risk Management.pdf},
      pages = {1--10},
      publisher = {IEEE Computer Society},
      }
  • Christopher Kruegel and Engin Kirda and Christian Platzer and Christian Ludl and Peter Wurzinger, "SWAP: Mitigating XSS Attacks using a Reverse Proxy," in The 5th International Workshop on Software Engineering for Secure Systems SESS09 31st International Conference on Software Engineering ICSE, 2009. BibTeX | PDF
    @INPROCEEDINGS{Wurzinger_SWAPMitigatingXSS_2009,
      Author = {Christopher Kruegel and Engin Kirda and Christian Platzer and Christian Ludl and Peter Wurzinger},
      title = {SWAP: Mitigating XSS Attacks using a Reverse Proxy},
      booktitle = {The 5th International Workshop on Software Engineering for Secure Systems SESS09 31st International Conference on Software Engineering ICSE},
      year = {2009},
      month = {5},
      pdf = {Wurzinger_SWAPMitigatingXSS_2009.pdf},
      publisher = {IEEE Computer Society},
      }
  • Christopher Kruegel and Engin Kirda and Manuel Egele, "Prospex: Protocol Specification Extraction," in 18th European Institute for Computer Antivirus Research, 2009. BibTeX | PDF
    @INPROCEEDINGS{Egele_ProspexProtocolSpecification_2009,
      Author = {Christopher Kruegel and Engin Kirda and Manuel Egele},
      title = {Prospex: Protocol Specification Extraction},
      booktitle = {18th European Institute for Computer Antivirus Research},
      year = {2009},
      month = {5},
      pdf = {Egele_ProspexProtocolSpecification_2009.pdf},
      publisher = {EICAR 2009 Annual Conference},
      note = {Berlin},
      }
  • Mark Strembeck and Uwe Zdun, "Reusable Architectural Decisions for DSL Design: Foundational Decisions in DSL Development," in 14th European Conference on Pattern Languages of Programs (EuroPLoP), 2009. BibTeX
    @INPROCEEDINGS{Zdun_Reusable_Architectural_Decisio_2009,
      Author = {Mark Strembeck and Uwe Zdun},
      title = {Reusable Architectural Decisions for DSL Design: Foundational Decisions in DSL Development},
      booktitle = {14th European Conference on Pattern Languages of Programs (EuroPLoP)},
      year = {2009},
      month = {7},
      }
  • Christopher Kruegel and Engin Kirda and Paolo Milani Comparetti and Xiaoyong Zhou and Xiaofeng Wang, "Effective and Efficient Malware Detection at the End Host," in in USENIX Security 09, 2009. BibTeX | PDF
    @INPROCEEDINGS{Kolbitsch_EffectiveandEfficient_2009,
      Author = {Christopher Kruegel and Engin Kirda and Paolo Milani Comparetti and Xiaoyong Zhou and Xiaofeng Wang},
      title = {Effective and Efficient Malware Detection at the End Host},
      booktitle = {in USENIX Security 09},
      year = {2009},
      month = {8},
      pdf = {Kolbitsch_EffectiveandEfficient_2009.pdf},
      note = {Canada, August 2009},
      }
  • Christopher Kruegel and Engin Kirda and Leyla Bilge and Thorsten Holz and Peter Wurzinger and Jan Goebel, "Automatically Generating Models for Botnet Detection," in 14th European Symposium on Research in Computer Security (ESORICS 2009), 2009. BibTeX | PDF
    @INPROCEEDINGS{Wurzinger_AutomaticallyGeneratingModels_2009,
      Author = {Christopher Kruegel and Engin Kirda and Leyla Bilge and Thorsten Holz and Peter Wurzinger and Jan Goebel},
      title = {Automatically Generating Models for Botnet Detection},
      booktitle = {14th European Symposium on Research in Computer Security (ESORICS 2009)},
      year = {2009},
      month = {9},
      pdf = {Wurzinger_AutomaticallyGeneratingModels_2009.pdf},
      note = {14th European Symposium on Research in Computer Security (ESORICS 2009), Saint Malo, Brittany, France},
      }
  • Clemens Kolbitsch, "Automated Spyware Collection and Analysis," in Information Security Conference, 2009. BibTeX | PDF
    @INPROCEEDINGS{Kolbitsch_AutomatedSpywareCollection_2009,
      Author = {Clemens Kolbitsch},
      title = {Automated Spyware Collection and Analysis},
      booktitle = {Information Security Conference},
      year = {2009},
      month = {9},
      pdf = {Kolbitsch_AutomatedSpywareCollection_2009.pdf},
      publisher = {ISC 2009},
      note = {Pisa, Italy},
      }
  • Ulrich Bayer and Imam Habibi and Davide Balzarotti and Engin Kirda and Christopher Kruegel, "A View on Current Malware Behaviors," in 2nd USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET), Boston, 2009. BibTeX | PDF
    @INPROCEEDINGS{Bayer_InsightsIntoCurrent_2009,
      Author = {Ulrich Bayer and Imam Habibi and Davide Balzarotti and Engin Kirda and Christopher Kruegel},
      title = {A View on Current Malware Behaviors},
      booktitle = {2nd USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET), Boston},
      year = {2009},
      month = {4},
      pdf = {Bayer_InsightsIntoCurrent_2009.pdf},
      }
  • A Min Tjoa and Edgar R. Weippl and Farman Ali Khan and Sabine Graf, "An Approach for Identifying Affective States through Behavioral Patterns in Web-based Learning Management System," in Proceedings of the 11th International Conference on Information Integration and Web Based Applications and Services (iiWAS2009), 2009. BibTeX | PDF
    @INPROCEEDINGS{Khan_Identifying_and_Incorporating__2010,
      Author = {{A Min} Tjoa and {Edgar R.} Weippl and Farman Ali Khan and Sabine Graf},
      title = {An Approach for Identifying Affective States through Behavioral Patterns in Web-based Learning Management System},
      booktitle = {Proceedings of the 11th International Conference on Information Integration and Web Based Applications and Services (iiWAS2009)},
      year = {2009},
      month = {12},
      abstract = {Learning styles and affective states influence students learning. The purpose of this study is to develop a conceptual framework for identifying and integrating learning styles and affective states of a learner into web-based learning management systems and therefore provide learners with adaptive courses and additional individualized pedagogical guidance that is tailored to their learning styles and affective states. The study was carried out in three phases, the first of which was the investigation and determination of learning styles and affective states which are important for learning. Phase two consisted of the development of an approach for the identification of learning styles and affective states as well as the development of a mechanism to calculate them from the students learning interactions within web-based learning management systems. The third phase was to develop a learning strategy that is more personalized and adaptive in nature and tailored to learners needs and current situation through considering learners learning styles and affective states, aiming to lead to better learning outcomes and progress},
      pdf = {p431-khan.pdf},
      acm = {351733},
      }
  • Thomas Neubauer, "Technologies for the Pseudonymization of Medical Data: A Legal Evaluation," in International Conference on Systems, 2009. BibTeX
    @INPROCEEDINGS{Neubauer_TechnologiesPseudonymizationof_2009,
      Author = {Thomas Neubauer},
      title = {Technologies for the Pseudonymization of Medical Data: A Legal Evaluation},
      booktitle = {International Conference on Systems},
      year = {2009},
      month = {1},
      publisher = {IEEE Computer Society},
      note = {Best Paper Award},
      }
  • Stefan Fenz and Edgar R. Weippl and Andreas Ekelhart, "Fortification of IT security by automatic security advisory processing," in Proceedings of the 22nd International Conference on Advanced Information Networking and Applications, AINA2008, 2008, pp. 575-582. BibTeX
    @INPROCEEDINGS{Fenz_FortificationofIT_2008,
      Author = {Stefan Fenz and {Edgar R.} Weippl and Andreas Ekelhart},
      title = {Fortification of IT security by automatic security advisory processing},
      booktitle = {Proceedings of the 22nd International Conference on Advanced Information Networking and Applications, AINA2008},
      year = {2008},
      month = {3},
      abstract = {The past years have seen the rapid increase of security related incidents in the field of information technology. IT infrastructures in the commercial as well as in the governmental sector are becoming evermore heterogeneous which increases the complexity of handling and maintaining an adequate security level. Especially organizations which are hosting and processing highly sensitive data are obligated to establish a holistic company-wide security approach. We propose a novel security concept to reduce this complexity by automatic assessment of security advisories. A central entity collects vulnerability information from various sources, converts it into a standardized and machine-readable format and distributes it to its subscribers. The subscribers are then able to automatically map the vulnerability information to the ontological stored infrastructure data to visualize newly-discovered software vulnerabilities. The automatic analysis of vulnerabilities decreases response times and permits precise response to new threats and vulnerabilities, thus decreasing the administration complexity and increasing the IT security level.},
      pages = {575-582},
      publisher = {IEEE Computer Society},
      }
  • Markus Huber and Stewart Kowalski and Marcus Nohlberg, "Measuring Readiness for Automated Social Engineering," in In CD ROM Proceedings of the 7th Security Conference, 2008. BibTeX
    @INPROCEEDINGS{nohlberghuber2008,
      Author = {Markus Huber and Stewart Kowalski and Marcus Nohlberg},
      title = {Measuring Readiness for Automated Social Engineering},
      booktitle = {In CD ROM Proceedings of the 7th Security Conference},
      year = {2008},
      month = {6},
      }
  • Thomas Neubauer and Andreas Ekelhart and Stefan Fenz, "Interactive Selection of ISO 27001 Controls under Multiple Objectives," in Proceedings of the Ifip Tc 11 23rd International Information Security Conference, IFIPSec 2008, 2008, pp. 477-492. BibTeX | PDF
    @INPROCEEDINGS{Neubauer_InteractiveSelectionof_2008,
      Author = {Thomas Neubauer and Andreas Ekelhart and Stefan Fenz},
      title = {Interactive Selection of ISO 27001 Controls under Multiple Objectives},
      booktitle = {Proceedings of the Ifip Tc 11 23rd International Information Security Conference, IFIPSec 2008},
      year = {2008},
      month = {7},
      pdf = {2008 - Neubauer - Interactive Selection of ISO 27001 Controls under Multiple Objectives.pdf},
      volume = {278_2008},
      pages = {477--492},
      publisher = {Springer},
      }
  • Christopher Kruegel and Giovanni Vigna and Marco Cova, "There Is No Free Phish: An Analysis of free and live phishing kits," in Usenix Workshop on Offensive Technologies (WOOT), 2008, p. 8. BibTeX | PDF
    @INPROCEEDINGS{MarcoCova_ThereIsNo_2008,
      Author = {Christopher Kruegel and Giovanni Vigna and Marco Cova},
      title = {There Is No Free Phish: An Analysis of free and live phishing kits},
      booktitle = {Usenix Workshop on Offensive Technologies (WOOT)},
      year = {2008},
      month = {7},
      pdf = {MarcoCova_ThereIsNo_2008.pdf},
      pages = {8},
      note = {Usenix Workshop on Offensive Technologies (WOOT),},
      }
  • Marcel Medwed and Jörn-Marc Schmidt, "A Generic Fault Countermeasure Providing Data and Program Flow Integrity," in Fault Diagnosis and Tolerance in Cryptography, Third International Workshop, FDTC 2008, Washington DC, USA, August 10, 2008, Proceedings, 2008. BibTeX
    @INPROCEEDINGS{Medwed_GenericFaultCountermeasure_2008,
      Author = {Marcel Medwed and Jörn-Marc Schmidt},
      title = {A Generic Fault Countermeasure Providing Data and Program Flow Integrity},
      booktitle = {Fault Diagnosis and Tolerance in Cryptography, Third International Workshop, FDTC 2008, Washington DC, USA, August 10, 2008, Proceedings},
      year = {2008},
      month = {8},
      abstract = {So far many software countermeasures against fault attacks have been proposed. However, most of them are tailored to a specific cryptographic algorithm or focus on securing the processed data only. In this work we present a generic and elegant approach by using a highly fault secure algebraic structure. This structure is compatible to finite fields and rings and preserves its error detection property throughout addition and multiplication. Additionally, we introduce a method to generate a fingerprint of the instruction sequence. Thus, it is possible to check the result for data corruption as well as for modifications in the program flow. This is even possible if the order of the instructions is randomized. Furthermore, the properties of the countermeasure allow the deployment of error detection as well as error diffusion. We point out that the overhead for the calculations and for the error checking within this structure is reasonable and that the transformations are efficient. In addition we discuss how our approach increases the security in various kinds of fault scenarios.},
      publisher = {IEEE-CS Press},
      note = {To be published},
      }
  • Christopher Kruegel and Engin Kirda and Guenther Starnberger, "Overbot – A botnet protocol based on Kademlia," in 4th International Conference on Security and Privacy in Communication Networks (SecureComm), 2008. BibTeX
    @INPROCEEDINGS{Starnberger_Overbotbotnet_2008,
      Author = {Christopher Kruegel and Engin Kirda and Guenther Starnberger},
      title = {Overbot - A botnet protocol based on Kademlia},
      booktitle = {4th International Conference on Security and Privacy in Communication Networks (SecureComm)},
      year = {2008},
      month = {9},
      publisher = {Istanbul, Turkey},
      }
  • Jörn-Marc Schmidt, "A Chemical Memory Snapshot," in Proceedings of Smart Card Research and Advanced Application Conference — CARDIS, 2008. BibTeX
    @INPROCEEDINGS{Schmidt_ChemicalMemorySnapshot_2008,
      Author = {Jörn-Marc Schmidt},
      title = {A Chemical Memory Snapshot},
      booktitle = {Proceedings of Smart Card Research and Advanced Application Conference -- CARDIS},
      year = {2008},
      month = {9},
      abstract = {Smart cards and embedded systems are part of everyday life. A lot of them contain sensitive data like keys used in secure applications. These keys have to be transferred from non-volatile to static memory to generate signatures or encrypt data. Hence, the possibility to read out the static memory of a device is a crucial security threat. This paper presents a new technique to read out secret data from the internal static memory of a cryptographic evice. A chemical reaction of the top metal layer of a decapsulated chip is used to identify lines connected to the positive power supply. Using this information, we are able to obtain the content of memory cells like the secret key of a cryptographic system.},
      publisher = {Springer},
      note = {To be published},
      }
  • Mark Strembeck and Jan Mendling and Karsten Ploesser, "Specifying Separation of Duty Constraints in BPEL4People Processes," in 11th International Conference on Business Information Systems (BIS), 2008. BibTeX
    @INPROCEEDINGS{Mendling_Specifying_Separation_of_Duty__2008,
      Author = {Mark Strembeck and Jan Mendling and Karsten Ploesser},
      title = {Specifying Separation of Duty Constraints in BPEL4People Processes},
      booktitle = {11th International Conference on Business Information Systems (BIS)},
      year = {2008},
      month = {5},
      }
  • Christopher Kruegel and Engin Kirda and Eric Medvet, "Visual-Similarity-Based Phishing Detection," in IEEE International Conference on Security and Privacy for Emerging Areas in Communication Networks, 2008. BibTeX
    @INPROCEEDINGS{Medvet_VisualSimilarityBasedPhishing_2008,
      Author = {Christopher Kruegel and Engin Kirda and Eric Medvet},
      title = {Visual-Similarity-Based Phishing Detection},
      booktitle = {IEEE International Conference on Security and Privacy for Emerging Areas in Communication Networks},
      year = {2008},
      month = {9},
      }
  • A Min Tjoa and Stefan Fenz, "Ontology- and Bayesian-based Threat Probability Determination," in Proceedings of the Junior Scientist Conference 2008, 2008, pp. 69-70. BibTeX
    @INPROCEEDINGS{Fenz_OntologyandBayesianbased_2008a,
      Author = {{A Min} Tjoa and Stefan Fenz},
      title = {Ontology- and Bayesian-based Threat Probability Determination},
      booktitle = {Proceedings of the Junior Scientist Conference 2008},
      year = {2008},
      month = {11},
      abstract = {Information security risk management is crucial for ensuring long-term business success and thus numerous approaches to implementing an adequate information security risk management strategy have been proposed. The subjective threat probability determination is one of the main reasons for an inadequate information security strategy endangering the organization in performing its mission. To address the problem this research project proposes an ontology- and Bayesian-based approach for determining asset-specific and comprehensible threat probabilities. The elaborated concepts enable risk managers to comprehensibly quantify the current security status of their organization.},
      pages = {69-70},
      publisher = {Vienna University of Technology},
      }
  • Jörn-Marc Schmidt and Christoph Herbst, "A Practical Fault Attack on Square and Multiply," in Fault Diagnosis and Tolerance in Cryptography, Third International Workshop, FDTC 2008, Washington DC, USA, August 10, 2008, Proceedings, 2008. BibTeX
    @INPROCEEDINGS{Schmidt_PracticalFaultAttack_2008,
      Author = {Jörn-Marc Schmidt and Christoph Herbst},
      title = {A Practical Fault Attack on Square and Multiply},
      booktitle = {Fault Diagnosis and Tolerance in Cryptography, Third International Workshop, FDTC 2008, Washington DC, USA, August 10, 2008, Proceedings},
      year = {2008},
      month = {8},
      abstract = {In order to provide security for a device, cryptographic algorithms are implemented on them. Even devices using a cryptographically secure algorithm may be vulnerable to implementation attacks like side channel analysis or fault attacks. Most fault attacks on RSA concentrate on the vulnerability of the Chinese Remainder Theorem to fault injections. A few other attacks on RSA which do not use this speed-up technique have been published. Nevertheless, these attacks require a quite precise fault injection like a bit flip or target a special operation without any possibility to check if the fault was injected in the intended way, like in safe-error attacks. In this paper we propose a new attack on square and multiply, based on a manipulation of the control flow. Furthermore, we show how to realize this attack in practice using non-invasive spike attacks and discuss impacts of different side channel analysis countermeasures on our attack. The attack was performed using low cost equipment.},
      publisher = {IEEE-CS Press},
      note = {To be published},
      }
  • Christopher Kruegel and Giovanni Vigna and Luca Foschini and Ashish Thypliyal and Lorenzo Cavallaro, "A Parallel Architecture for Stateful, High-Speed Intrusion Detection," in International Conference on Information Systems Security (ICISS) , Lecture Notes in Computer Science, 2008. BibTeX
    @INPROCEEDINGS{Foschini_ParallelArchitectureStateful_2008,
      Author = {Christopher Kruegel and Giovanni Vigna and Luca Foschini and Ashish Thypliyal and Lorenzo Cavallaro},
      title = {A Parallel Architecture for Stateful, High-Speed Intrusion Detection},
      booktitle = {International Conference on Information Systems Security (ICISS) , Lecture Notes in Computer Science},
      year = {2008},
      month = {12},
      publisher = {Springer Verlag},
      }
  • Christopher Kruegel and Engin Kirda and Sean McAllister, "Leveraging User INteractions for IN-Depth- Testing of Weg Applications," in Symposium on Recent Advances in Intrusion Detection, 2008. BibTeX
    @INPROCEEDINGS{Allister_SymposiumRecentAdvances_2008,
      Author = {Christopher Kruegel and Engin Kirda and Sean McAllister},
      title = {Leveraging User INteractions for IN-Depth- Testing of Weg Applications},
      booktitle = {Symposium on Recent Advances in Intrusion Detection},
      year = {2008},
      month = {1},
      }
  • Stefan Fenz and Andreas Ekelhart and Edgar R. Weippl, "Semantic Potential of existing Security Advisory Standards," in Proceedings of the FIRST2008 Conference, 2008. BibTeX | PDF
    @INPROCEEDINGS{Fenz_SemanticPotentialof_2008,
      Author = {Stefan Fenz and Andreas Ekelhart and {Edgar R.} Weippl},
      title = {Semantic Potential of existing Security Advisory Standards},
      booktitle = {Proceedings of the FIRST2008 Conference},
      year = {2008},
      month = {1},
      pdf = {2008 - Fenz - Semantic Potential of Existing Security Advisory Standards.pdf},
      }
  • Thomas Neubauer and Bernhard Riedl, "Improving Patients Privacy with Pseudonymization," in Proceedings of the International Congress of the European Federation for Medical Informatics, 2008. BibTeX
    @INPROCEEDINGS{Neubauer_ImprovingPatientsPrivacy_2008,
      Author = {Thomas Neubauer and Bernhard Riedl},
      title = {Improving Patients Privacy with Pseudonymization},
      booktitle = {Proceedings of the International Congress of the European Federation for Medical Informatics},
      year = {2008},
      month = {1},
      }
  • Engin Kirda and Corrado Leita and Julio Canto and Marc Dacier, "Large Scale Malware Collection: Lessons Learned," in IEEE SRDS Workshop on Sharing Field Data and Experiment Measurements on Resilience of Distributed Computing System, 2008. BibTeX | PDF
    @INPROCEEDINGS{Canto_LargeScaleMalware_2008,
      Author = {Engin Kirda and Corrado Leita and Julio Canto and Marc Dacier},
      title = {Large Scale Malware Collection: Lessons Learned},
      booktitle = {IEEE SRDS Workshop on Sharing Field Data and Experiment Measurements on Resilience of Distributed Computing System},
      year = {2008},
      month = {10},
      pdf = {Canto_LargeScaleMalware_200.pdf},
      note = {Naples, Italy},
      }
  • Mark Strembeck and Jan Mendling, "Influence Factors of Understanding Business Process Models," in 11th International Conference on Business Information Systems (BIS), 2008. BibTeX
    @INPROCEEDINGS{Mendling_Influence_Factors_of_Understan_2008,
      Author = {Mark Strembeck and Jan Mendling},
      title = {Influence Factors of Understanding Business Process Models},
      booktitle = {11th International Conference on Business Information Systems (BIS)},
      year = {2008},
      month = {5},
      }
  • Christopher Kruegel and Engin Kirda and Davide Balzarotti and Giovanni Vigna and Marco Cova and Nenad Jovanovic and Viktoria Felmetsger, "Composing Static and Dynamic Analysis to Validate Sanitization in Web Applications," in Security and Privacy, 2008, p. 15. BibTeX | PDF
    @INPROCEEDINGS{Cova_ComposingStaticand_2008,
      Author = {Christopher Kruegel and Engin Kirda and Davide Balzarotti and Giovanni Vigna and Marco Cova and Nenad Jovanovic and Viktoria Felmetsger},
      title = {Composing Static and Dynamic Analysis to Validate Sanitization in Web Applications},
      booktitle = {Security and Privacy},
      year = {2008},
      month = {5},
      pdf = {Cova_ComposingStaticand_.pdf},
      pages = {15},
      publisher = {IEEE Security and Privacy},
      }
  • Engin Kirda and Corrado Leita and Marc Dacier and Olivier Thonnard and Fabian Pouget and Van Hau Pham and Eduardo Ramirez-Silva, "The Leurre.com Project: Collecting Internet Threats Information using a Worldwide Distributed Honeynet," in In Proceedings of the 1st WOMBAT workshop, 2008. BibTeX
    @INPROCEEDINGS{Leita_LeurrecomProjectCollecting_2008,
      Author = {Engin Kirda and Corrado Leita and Marc Dacier and Olivier Thonnard and Fabian Pouget and {Van Hau} Pham and Eduardo Ramirez-Silva},
      title = {The Leurre.com Project: Collecting Internet Threats Information using a Worldwide Distributed Honeynet},
      booktitle = {In Proceedings of the 1st WOMBAT workshop},
      year = {2008},
      month = {4},
      publisher = {IEEE Computer Society},
      }
  • Stefan Fenz and Andreas Ekelhart and Gernot Goluch and Simon Tjoa and Stefan Jakoubi and Thomas Mueck, "Integration of an Ontological Information Security Concept in Risk Aware Business Process Management," in Proceedings of the 41st Hawaii International Conference on System Sciences, HICSS2008, 2008, pp. 377-385. BibTeX
    @INPROCEEDINGS{Goluch_IntegrationofOntological_2008,
      Author = {Stefan Fenz and Andreas Ekelhart and Gernot Goluch and Simon Tjoa and Stefan Jakoubi and Thomas Mueck},
      title = {Integration of an Ontological Information Security Concept in Risk Aware Business Process Management},
      booktitle = {Proceedings of the 41st Hawaii International Conference on System Sciences, HICSS2008},
      year = {2008},
      month = {1},
      pages = {377-385},
      publisher = {IEEE Computer Society},
      note = {978-0-7695-3075-8},
      }
  • Gerald Quirchmayr and Gernot Goluch and Simon Tjoa and Stefan Jakoubi, "Deriving Resource Requirements Applying Risk-Aware Business Process Modeling and Simulation," in Proceedings of the 16th European Conference on Information Systems (ECIS), 2008. BibTeX
    @INPROCEEDINGS{Jakoubi_DerivingResourceRequirements_2008,
      Author = {Gerald Quirchmayr and Gernot Goluch and Simon Tjoa and Stefan Jakoubi},
      title = {Deriving Resource Requirements Applying Risk-Aware Business Process Modeling and Simulation},
      booktitle = {Proceedings of the 16th European Conference on Information Systems (ECIS)},
      year = {2008},
      month = {1},
      abstract = {Today, companies face the challenge to effectively and efficiently perform their business processes as well as to guarantee their continuous operation. To meet the economic requirements, companies often consult business process management experts. The robustness and continuity of operations is separately considered in other domains such as business continuity management and risk management. The shortcoming of this separation is that in most cases a common reasoning and information basis is missing. With the risk-aware process modeling and simulation methodology named ROPE we fill this gap and combine the strengths of the aforementioned domains. In this paper, we present new ROPE simulation capabilities focusing on the determination of resource requirements considering the impact of occurring threats on business processes. Furthermore, we introduce an example scenario to clarify how a company can benefit from applying these extensions.},
      }
  • Johannes Heurix and Thomas Neubauer, "Defining Secure Business Processes with Respect to Multiple Objectives," in Proceedings of the Third International Conference on Availability, Reliability and Security ARES, 2008. BibTeX
    @INPROCEEDINGS{Neubauer_DefiningSecureBusiness_2008,
      Author = {Johannes Heurix and Thomas Neubauer},
      title = {Defining Secure Business Processes with Respect to Multiple Objectives},
      booktitle = {{P}roceedings of the {T}hird {I}nternational {C}onference on {A}vailability, {R}eliability and {S}ecurity {ARES}},
      year = {2008},
      month = {1},
      publisher = {IEEE Computer Society},
      }
  • Johannes Heurix and Thomas Neubauer, "Objective Types for the Valuation of Secure Business Processes," in Proceedings of the 7th IEEE/ACIS International Conference on Computer and Information Science, 2008. BibTeX
    @INPROCEEDINGS{Neubauer_ObjectiveTypesValuation_2008,
      Author = {Johannes Heurix and Thomas Neubauer},
      title = {Objective Types for the Valuation of Secure Business Processes},
      booktitle = {Proceedings of the 7th IEEE/ACIS International Conference on Computer and Information Science},
      year = {2008},
      month = {1},
      publisher = {IEEE Computer Society},
      }
  • Thomas Neubauer and Thomas Mueck, "PIPE: Ein System zur Pseudonymisierung von Gesundheitsdaten," in Proceedings of e-Health 2008, 2008. BibTeX
    @INPROCEEDINGS{Neubauer_PIPEEinSystem_2008,
      Author = {Thomas Neubauer and Thomas Mueck},
      title = {PIPE: Ein System zur Pseudonymisierung von Gesundheitsdaten},
      booktitle = {Proceedings of e-Health 2008},
      year = {2008},
      month = {1},
      }
  • Thomas Neubauer and Christian Stummer and Jan Pichler, "Multiobjective Selection of Software Components: A Case Study," in Proceedings of the IEEE Asia-Pacific Services Computing Conference, 2008. BibTeX
    @INPROCEEDINGS{Neubauer_MultiobjectiveSelectionof_2008,
      Author = {Thomas Neubauer and Christian Stummer and Jan Pichler},
      title = {Multiobjective Selection of Software Components: A Case Study},
      booktitle = {Proceedings of the IEEE Asia-Pacific Services Computing Conference},
      year = {2008},
      month = {1},
      }
  • Stefan Fenz and Thomas Neubauer and Bernhard Riedl and Veronika Grascher, "Pseudonymization for improving the privacy in e-Health applications," in Proceedings of the 41st Hawaii International Conference on System Sciences, HICSS2008, 2008, pp. 255-264. BibTeX
    @INPROCEEDINGS{Riedl_Pseudonymizationimprovingprivacy_2008,
      Author = {Stefan Fenz and Thomas Neubauer and Bernhard Riedl and Veronika Grascher},
      title = {Pseudonymization for improving the privacy in e-Health applications},
      booktitle = {Proceedings of the 41st Hawaii International Conference on System Sciences, HICSS2008},
      year = {2008},
      month = {1},
      pages = {255-264},
      publisher = {IEEE Computer Society},
      note = {978-0-7695-3075-8},
      }
  • Mark Strembeck and Bernd Simon and Kasra Seirafi and Gustaf Neumann and Asmund Realfsen, "Evaluate – An Innovative Service for Learning Performance Monitoring in Businesses," in Workshop on E-Learning for Business Needs, 2008. BibTeX
    @INPROCEEDINGS{Simon_Evaluate_An_Innovative_Service_2008,
      Author = {Mark Strembeck and Bernd Simon and Kasra Seirafi and Gustaf Neumann and Asmund Realfsen},
      title = {Evaluate - An Innovative Service for Learning Performance Monitoring in Businesses},
      booktitle = {Workshop on E-Learning for Business Needs},
      year = {2008},
      month = {5},
      }
  • Thomas Neubauer and Bernhard Riedl and Veronika Grascher and Mathias Kolb, "Economic and Security Aspects of the Appliance of a Threshold Scheme in e-Health," in Proceedings of the Third International Conference on Availability, Reliability and Security ARES, 2008. BibTeX
    @INPROCEEDINGS{Riedl_EconomicandSecurity_2008,
      Author = {Thomas Neubauer and Bernhard Riedl and Veronika Grascher and Mathias Kolb},
      title = {Economic and Security Aspects of the Appliance of a Threshold Scheme in e-Health},
      booktitle = {{P}roceedings of the {T}hird {I}nternational {C}onference on {A}vailability, {R}eliability and {S}ecurity {ARES}},
      year = {2008},
      month = {1},
      }
  • Edgar R. Weippl and Markus Klemen and Philippe Benditsch and Gerald Futschek, "OCG IT-Security Zertifikat fuer Nutzer," in IRIS 2008, 2008. BibTeX
    @INPROCEEDINGS{Benditsch_OCGITSecurityZertifikat_2008,
      Author = {{Edgar R.} Weippl and Markus Klemen and Philippe Benditsch and Gerald Futschek},
      title = {OCG IT-Security Zertifikat fuer Nutzer},
      booktitle = {IRIS 2008},
      year = {2008},
      month = {1},
      }
  • Gerald Quirchmayr and Simon Tjoa and Stefan Jakoubi, "Enhancing Business Impact Analysis and Risk Assessment applying a Risk-Aware Business Process Modeling and Simulation Methodology," in Proceedings of the 3rd International Conference on Availability, Reliability and Security, 2008. BibTeX
    @INPROCEEDINGS{Tjoa_EnhancingBusinessImpact_2008,
      Author = {Gerald Quirchmayr and Simon Tjoa and Stefan Jakoubi},
      title = {Enhancing {B}usiness {I}mpact {A}nalysis and {R}isk {A}ssessment applying a {R}isk-{A}ware {B}usiness {P}rocess {M}odeling and {S}imulation {M}ethodology},
      booktitle = {Proceedings of the 3rd {I}nternational {C}onference on {A}vailability, {R}eliability and {S}ecurity},
      year = {2008},
      month = {1},
      abstract = {Driven by the steadily growing number of natural disasters, the threat of terrorist and other criminal attacks as well as changed legislation and regulations, companies are increasingly forced to prepare against threats that endanger the survivability of crucial business activities. As a consequence, management has to pay more attention to business continuity issues including serious management commitment and more appropriate funding. Business impact analysis and risk assessment concepts enable adequate business continuity planning as they deliver essential information about the impact of resources' disruption on business. In this paper we present how these concepts can be enhanced through the application of the ROPE (Risk-Oriented Process Evaluation) methodology enabling risk-aware business process management and simulation. Moreover, we present essential extensions of the ROPE simulation capabilities leading to a more efficient and effective business continuity planning.},
      }
  • Edgar R. Weippl and Martin Ebner, "Security Privacy Challenges in E-Learning 2.0," in E-Learn 2008, 2008. BibTeX
    @INPROCEEDINGS{Weippl_SecurityPrivacyChallenges_2008,
      Author = {{Edgar R.} Weippl and Martin Ebner},
      title = {Security Privacy Challenges in E-Learning 2.0},
      booktitle = {E-Learn 2008},
      year = {2008},
      month = {1},
      }
  • Gilbert Wondracek and Paolo Milani Comparetti and Christopher Kruegel and Engin Kirda, "Automatic Network Protocol Analysis," in 15th Annual Network and Distributed System Security Symposium (NDSS 2008), San Diego, February 2008, 2008. BibTeX | PDF
    @INPROCEEDINGS{Wondracek_AutomaticNetworkProtocol_2008,
      Author = {Gilbert Wondracek and Paolo Milani Comparetti and Christopher Kruegel and Engin Kirda},
      title = {Automatic Network Protocol Analysis},
      booktitle = {15th Annual Network and Distributed System Security Symposium (NDSS 2008), San Diego, February 2008},
      year = {2008},
      month = {1},
      pdf = {ce-kirden-080215.pdf},
      }
  • Christopher Kruegel and Engin Kirda and Sean McAllister, "Expanding Human Interactions for In-Depth Testing of Web Applications," in 11th Symposium on Recent Advances in Intrusion Detection (RAID), Boston, MA, 2008. BibTeX | PDF
    @INPROCEEDINGS{McAllister_ExpandingHumanInteractions_2008,
      Author = {Christopher Kruegel and Engin Kirda and Sean McAllister},
      title = {Expanding Human Interactions for In-Depth Testing of Web Applications},
      booktitle = {11th Symposium on Recent Advances in Intrusion Detection (RAID), Boston, MA},
      year = {2008},
      month = {9},
      pdf = {McAllister_ExpandingHumanInteractions_2008.pdf},
      }
  • Gerald Quirchmayr and Gernot Goluch and Simon Tjoa and Stefan Jakoubi, "Extension of a Methodology for Risk-Aware Business Process Modeling and Simulation Enabling Process-Oriented Incident Handling Support," in The 22st International Conference on Advanced Information Networking and Applications, 2008. BibTeX
    @INPROCEEDINGS{Tjoa_ExtensionofMethodology_2008,
      Author = {Gerald Quirchmayr and Gernot Goluch and Simon Tjoa and Stefan Jakoubi},
      title = {Extension of a Methodology for Risk-Aware Business Process Modeling and Simulation Enabling Process-Oriented Incident Handling Support},
      booktitle = {The 22st International Conference on Advanced Information Networking and Applications},
      year = {2008},
      month = {1},
      abstract = {Increasingly, companies face the challenges to perform their business processes effectively as well as efficiently and to simultaneously assure the continuity of these processes. As the majority of companies rely on IT, it is essential to establish effective incident handling. In this paper, we introduce new extensions of the risk-aware business process management framework ROPE (Risk- Oriented Process Evaluation) in order to support the improvement of the management and execution of business processes. We further discuss the advantages of those extensions and how they can support the implementation of standards and best-practices such as the NIST SP800-61 (Computer Security Incident Handling Guide).},
      publisher = {IEEE Society},
      }
  • Mark Strembeck and Gustaf Neumann and Gerald Stermsek, "A User Profile Derivation Approach based on Log-File Analysis," in International Conference on Information and Knowledge Engineering (IKE), 2007. BibTeX
    @INPROCEEDINGS{Stermsek_A_User_Profile_Derivation_Appr_2007,
      Author = {Mark Strembeck and Gustaf Neumann and Gerald Stermsek},
      title = {A User Profile Derivation Approach based on Log-File Analysis},
      booktitle = {International Conference on Information and Knowledge Engineering (IKE)},
      year = {2007},
      month = {6},
      }
  • Otto Hellwig, "E-Government und der Schutz kritischer Informationsinfrastrukturen," in DACH Security 2007, 2007. BibTeX
    @INPROCEEDINGS{Hellwig2007EGovernment,
      Author = {Otto Hellwig},
      title = {E-Government und der Schutz kritischer Informationsinfrastrukturen},
      booktitle = {DACH Security 2007},
      year = {2007},
      month = {6},
      }
  • Stefan Fenz and Edgar R. Weippl and Andreas Ekelhart and Gernot Goluch, "Ontological Mapping of Common Criterias Security Assurance Requirements," in New Approaches for Security, Privacy and Trust in Complex Environments, Proceedings of the IFIP TC 11 22nd International Information Security Conference, IFIPSEC2007, May 14-16, 2007, pp. 85-95. BibTeX
    @INPROCEEDINGS{Ekelhart_OntologicalMappingof_2007,
      Author = {Stefan Fenz and {Edgar R.} Weippl and Andreas Ekelhart and Gernot Goluch},
      title = {Ontological Mapping of Common Criterias Security Assurance Requirements},
      booktitle = {New Approaches for Security, Privacy and Trust in Complex Environments, Proceedings of the IFIP TC 11 22nd International Information Security Conference, IFIPSEC2007, May 14-16},
      year = {2007},
      month = {5},
      abstract = {The Common Criteria (CC) for Information Technology Security Evaluation provides comprehensive guidelines for the evaluation and certification of IT security regarding data security and data privacy. Due to the very complex and time-consuming certification process a lot of companies abstain from a CC certification. We created the CC Ontology tool, which is based on an ontological representation of the CC catalog, to support the evaluator at the certification process. Tasks such as the planning of an evaluation process, the review of relevant documents or the creating of reports are supported by the CC Ontology tool. With the development of this tool we reduce the time and costs needed to complete a certification.},
      volume = {232_2007},
      pages = {85-95},
      publisher = {International Federation for Information Processing ,},
      note = {978-0-387-72366-2},
      }
  • Christopher Kruegel and Engin Kirda and Florian Nentwich and Giovanni Vigna and Nenad Jovanovic and Philipp Vogt, "Cross Site Scripting Prevention with Dynamic Data Tainting and Static Analysis," in In Proceedings of 14th Annual Network and Distributed System Security Symposium (NDSS 2007), 2007. BibTeX
    @INPROCEEDINGS{Vogt_CrossSiteScripting_2007,
      Author = {Christopher Kruegel and Engin Kirda and Florian Nentwich and Giovanni Vigna and Nenad Jovanovic and Philipp Vogt},
      title = {Cross Site Scripting Prevention with Dynamic Data Tainting and Static Analysis},
      booktitle = {In Proceedings of 14th Annual Network and Distributed System Security Symposium (NDSS 2007)},
      year = {2007},
      month = {2},
      }
  • Christopher Kruegel and Engin Kirda and Andreas Moser, "Exploring Multiple Execution Paths for Malware Analysis," in Proceedinga of the IEEE Symposium on Security and Privacy 2007, 2007. BibTeX
    @INPROCEEDINGS{Moser_ExploringMultipleExecution_2007,
      Author = {Christopher Kruegel and Engin Kirda and Andreas Moser},
      title = {Exploring Multiple Execution Paths for Malware Analysis},
      booktitle = {Proceedinga of the IEEE Symposium on Security and Privacy 2007},
      year = {2007},
      month = {5},
      abstract = {Malicious code or malware is defined as software that fulfills the deliberately harmful intent of an attacker. Malware analysis is the process of determining the behavior and purpose of a given malware sample (such as a virus, worm, or Trojan horse). This process is a necessary step to be able to develop effective detection techniques and removal tools. Currently, malware analysis is mostly a manual process that is tedious and time-intensive. To mitigate this problem, a number of analysis tools have been proposed that automatically extract the behavior of an unknown program by executing it in a restricted environment and recording the operating system calls that are invoked. The problem of dynamic analysis tools is that only a single program execution is observed. Unfortunately, however, it is possible that certain malicious actions are only triggered under specific circumstances (e.g., on a particular day, when a certain file is present, or when a certain command is received). In this paper, we propose a system that allows us to explore multiple execution paths and identify malicious actions that are executed only when certain conditions are met. This enables us to automatically extract a more complete view of the program under analysis and identify under which circumstances suspicious actions are carried out. Our experimental results demonstrate that many malware samples show different behavior depending on input read from the environment. Thus, by exploring multiple execution paths, we can obtain a more complete picture of their actions.},
      publisher = {IEEE Computer Society Press},
      }
  • Christopher Kruegel and Engin Kirda and Thomas Raffetseder, "Building Anti-Phishing Browser Plug-Ins: An Experience Report," in Proceedings of the 3rd International Workshop on Software Engineering for Secure Systems (SESS) 29th International Conference on Software Engineering (ICSE), 2007. BibTeX
    @INPROCEEDINGS{Raffetseder_BuildingAntiPhishingBrowser_2007,
      Author = {Christopher Kruegel and Engin Kirda and Thomas Raffetseder},
      title = {Building Anti-Phishing Browser Plug-Ins: An Experience Report},
      booktitle = {Proceedings of the 3rd International Workshop on Software Engineering for Secure Systems (SESS) 29th International Conference on Software Engineering (ICSE)},
      year = {2007},
      month = {5},
      publisher = {IEEE Computer Society Press},
      }
  • Alexander Schatten and Heinz Roth and Josef Schiefer and Martin Suntinger, "Simulating Business Process Scenarios for event-based Systems," in Proceedings of the 15th European Conference on Information Systems (ECIS 2007), 2007. BibTeX
    @INPROCEEDINGS{Schiefer_SimulatingBusinessProcess_2007,
      Author = {Alexander Schatten and Heinz Roth and Josef Schiefer and Martin Suntinger},
      title = {Simulating Business Process Scenarios for event-based Systems},
      booktitle = {Proceedings of the 15th European Conference on Information Systems (ECIS 2007)},
      year = {2007},
      month = {1},
      abstract = {Todays networked business environment requires systems which are adaptive and easy to integrate. Event-based systems have been developed and used to control business processes with loosely coupled systems. Research and product development focused so far on efficiency issues, but neglected simulation support to build robust and efficient event-driven applications. In this paper, we propose a simulation model that allows imitating real-world operations of business processes in order to improve efficiency and effectiveness of event-based systems. Our approach uses discrete eventsimulation and a graphical model for defining event sequences for business process scenarios. For better handling the complexity and variability of business processes, we use a hybrid simulation approach, which is able to combine various ways to compose event sequences and generate representative event data. As an example, we show how annotated WS-BPEL process descriptions can be used to automatically generate event sequences representing typical process execution paths for simulation purposes.},
      }
  • Gernot Goluch and Andreas Ekelhart and Stefan Fenz and Stefan Jakoubi and Bernhard Riedl and Simon Tjoa, "CASSIS – Computer-based Academy for Security and Safety in Information Systems," in Proceedings of the 2nd Conference on Availability, Reliability and Security, ARES2007, 2007, pp. 730-740. BibTeX | PDF
    @INPROCEEDINGS{Goluch_CASSISComputerbased_2007,
      Author = {Gernot Goluch and Andreas Ekelhart and Stefan Fenz and Stefan Jakoubi and Bernhard Riedl and Simon Tjoa},
      title = {CASSIS - Computer-based Academy for Security and Safety in Information Systems},
      booktitle = {Proceedings of the 2nd Conference on Availability, Reliability and Security, ARES2007},
      year = {2007},
      month = {4},
      pdf = {2007 - Goluch - CASSIS.pdf},
      pages = {730--740},
      publisher = {IEEE Computer Society},
      }
  • Josef Schiefer and Szabolcs Rozsnyai and Christian Rauscher and Gerd Saurer, "Event-Driven Rules for Sensing and Responding to Business Situations," in Proceedings of the Inaugural International Conference on Distributed Event-Based Systems (DEBS 2007), 2007. BibTeX
    @INPROCEEDINGS{Schiefer_EventDrivenRulesSensing_2007,
      Author = {Josef Schiefer and Szabolcs Rozsnyai and Christian Rauscher and Gerd Saurer},
      title = {Event-Driven Rules for Sensing and Responding to Business Situations},
      booktitle = {Proceedings of the Inaugural International Conference on Distributed Event-Based Systems (DEBS 2007)},
      year = {2007},
      month = {1},
      abstract = {Event-based systems have been developed and used to implement networked and adaptive business environments based on loosely coupled systems in order to respond faster to critical business events. In this paper, we introduce a rule management systemwhich is able to sense and evaluate events in order to respond to changes in a business environment or customer needs. It enables users to graphically compose comprehensive event-triggered rules, which can be used to control the processing of services. For the definition of a rule set, users can independently define event conditions, event patterns and correlation-related information which can be combined for modeling complex business situations. We have fully implemented the proposed system with a serviceoriented approach and illustrate our approach with an order management business case.},
      publisher = {ACM},
      }
  • Christopher Kruegel and Davide Balzarotti and William K Robertson and Giovanni Vigna, "Improving Signature Testing Through Dynamic Data Flow Analysis," in Proceedings of the 23rd Annual Computer Security Applications Conference ACSAC 2007, 2007. BibTeX
    @INPROCEEDINGS{Balzarotti_ImprovingSignatureTesting_2007,
      Author = {Christopher Kruegel and Davide Balzarotti and William K Robertson and Giovanni Vigna},
      title = {Improving Signature Testing Through Dynamic Data Flow Analysis},
      booktitle = {Proceedings of the 23rd {A}nnual {C}omputer {S}ecurity {A}pplications {C}onference ACSAC 2007},
      year = {2007},
      month = {12},
      }
  • Mark Strembeck and Otto Plhal, "VIDIHIP – A Web Service based Integration Platform for Power Plant Control Systems," in IEEE International Conference on Service-Oriented Computing and Applications (SOCA), 2007. BibTeX
    @INPROCEEDINGS{Strembeck_VIDIHIP_A_Web_Service_based_In_2007,
      Author = {Mark Strembeck and Otto Plhal},
      title = {VIDIHIP - A Web Service based Integration Platform for Power Plant Control Systems},
      booktitle = {IEEE International Conference on Service-Oriented Computing and Applications (SOCA)},
      year = {2007},
      month = {6},
      abstract = {European energy supply companies typically run a conglomerate of different, geographically distributed power plants. Unfortunately, the corresponding power plant control systems are based on proprietary technology and an integration of these control systems is a very complex task. We thus conducted a project to build an integration platform for power plant control systems that is based on open standards and technologies. In this paper, we describe the Vienna District Heating Integration Platform (VIDIHIP). VIDIHIP is based on Web Service technology and allows for the integration of arbitrary (heterogenous) power plant control systems. It provides a consistent interface to access different decentralized control systems and each standard Web browser can be used as a control front-end for VIDIHIP.},
      }
  • Christopher Kruegel and Engin Kirda and Manuel Egele and Heng Yin and Dawn Song, "Panorama: Capturing System-wide Information Flow for Malware Detection and Analysis," in Proceedings of the 14th ACM Conference on Computer and Communications Security, 2007. BibTeX
    @INPROCEEDINGS{Yin_PanoramaCapturingSystemwide_2007,
      Author = {Christopher Kruegel and Engin Kirda and Manuel Egele and Heng Yin and Dawn Song},
      title = {Panorama: {C}apturing {S}ystem-wide {I}nformation {F}low for {M}alware {D}etection and {A}nalysis},
      booktitle = {Proceedings of the 14th {ACM} {C}onference on {C}omputer and {C}ommunications {S}ecurity},
      year = {2007},
      month = {11},
      }
  • Andreas Ekelhart and Stefan Fenz and A Min Tjoa and Edgar R. Weippl, "Security Issues for the Use of Semantic Web in e-Commerce," in Business Information Systems, 10th International Conference on Business Information Systems, BIS 2007, 2007, pp. 1-13. BibTeX | PDF
    @INPROCEEDINGS{Ekelhart_SecurityIssuesUse_2007,
      Author = {Andreas Ekelhart and Stefan Fenz and {A Min} Tjoa and {Edgar R.} Weippl},
      title = {Security Issues for the Use of Semantic Web in e-Commerce},
      booktitle = {Business Information Systems, 10th International Conference on Business Information Systems, BIS 2007},
      year = {2007},
      month = {4},
      pdf = {2007 - Ekelhart - Security Issues for the Use of Semantic Web in e-Commerce.pdf},
      pages = {1--13},
      publisher = {Springer Berlin Heidelberg},
      }
  • Christopher Kruegel and Engin Kirda and Manuel Egele and Heng Yin and Dawn Song, "Dynamic Spyware Analysis," in Proceedings of the USENIX Annual Technical Conference, 2007. BibTeX
    @INPROCEEDINGS{Egele_DynamicSpywareAnalysis_2007,
      Author = {Christopher Kruegel and Engin Kirda and Manuel Egele and Heng Yin and Dawn Song},
      title = {Dynamic Spyware Analysis},
      booktitle = {Proceedings of the USENIX Annual Technical Conference},
      year = {2007},
      month = {6},
      }
  • Andreas Ekelhart and Stefan Fenz and Thomas Neubauer and Edgar R. Weippl, "Formal threat descriptions for enhancing governmental risk assessment," in Proceedings of the First International Conference on Theory and Practice of Electronic Governance, 2007, pp. 40-43. BibTeX | PDF
    @INPROCEEDINGS{Ekelhart_Formalthreatdescriptions_2007,
      Author = {Andreas Ekelhart and Stefan Fenz and Thomas Neubauer and {Edgar R.} Weippl},
      title = {Formal threat descriptions for enhancing governmental risk assessment},
      booktitle = {Proceedings of the First International Conference on Theory and Practice of Electronic Governance},
      year = {2007},
      month = {1},
      pdf = {2007 Ekelhart - Formal Threat Descriptions for Enhancing Governmental Risk Assessment.pdf},
      volume = {232},
      pages = {40--43},
      publisher = {ACM},
      acm = {933612},
      }
  • Edgar R. Weippl and Khalid Latif, "Question Driven Semantics Interpretation for Collaborative Knowledge Engineering and Ontology Reuse," in IEEE International Conference on Information Reuse and Integration, 2007. BibTeX
    @INPROCEEDINGS{Latif_QuestionDrivenSemantics_2007,
      Author = {{Edgar R.} Weippl and Khalid Latif},
      title = {Question Driven Semantics Interpretation for Collaborative Knowledge Engineering and Ontology Reuse},
      booktitle = {IEEE International Conference on Information Reuse and Integration},
      year = {2007},
      month = {8},
      }
  • Alexander Schatten and Josef Schiefer and Szabolcs Rozsnyai, "Concepts and Models for Typing Events for Event-Based Systems," in Proceedings of the Inaugural International Conference on Distributed Event-Based Systems (DEBS 2007), 2007. BibTeX
    @INPROCEEDINGS{Rozsnyai_ConceptsandModels_2007,
      Author = {Alexander Schatten and Josef Schiefer and Szabolcs Rozsnyai},
      title = {Concepts and Models for Typing Events for Event-Based Systems},
      booktitle = {Proceedings of the Inaugural International Conference on Distributed Event-Based Systems (DEBS 2007)},
      year = {2007},
      month = {1},
      abstract = {Event-based systems are increasingly gaining widespread attention for applications that require integration with loosely coupled and distributed systems for time-critical business solutions. In this paper, we show concepts and models for representing, structuring and typing events. We discuss existing event models in the field and introduce the event model of the event-based system SARI for illustrating various typing concepts. The typing concepts cover topics such as type inheritance and exheritance, dynamic type inferencing, attribute types, as well as the extendibility and addressability of events. We show how the typing concepts evolved and depend on the implemented eventbased systems which use different approaches for the event processing such as graphical approaches, or approaches, that use Java code, SQL code, or ECA (event-condition-action) rules.},
      publisher = {ACM},
      }
  • Christopher Kruegel and Engin Kirda and Angelo Rosiello and Fabrizio Ferrandi, "A Layout-Similarity-Based Approach for Detecting Phishing Pages," in Proceedings of IEEE International Conference on Security and Privacy in Communication Networks (SecureComm)., 2007. BibTeX
    @INPROCEEDINGS{Rosiello_LayoutSimilarityBasedApproachDetecting_2007,
      Author = {Christopher Kruegel and Engin Kirda and Angelo Rosiello and Fabrizio Ferrandi},
      title = {A Layout-Similarity-Based Approach for Detecting Phishing Pages},
      booktitle = {Proceedings of IEEE International Conference on Security and Privacy in Communication Networks (SecureComm).},
      year = {2007},
      month = {1},
      }
  • Gernot Goluch and Thomas Neubauer and Bernhard Riedl and Oswald Boehm and Gert Reinauer and Alexander Krumboeck, "A secure architecture for the pseudonymization of medical data," in Proceedings of the Second International Conference on Availability, Reliability and Security (ARES), 2007, pp. 318-324. BibTeX
    @INPROCEEDINGS{Riedl_securearchitecturepseudonymization_2007,
      Author = {Gernot Goluch and Thomas Neubauer and Bernhard Riedl and Oswald Boehm and Gert Reinauer and Alexander Krumboeck},
      title = {A secure architecture for the pseudonymization of medical data},
      booktitle = {Proceedings of the Second International Conference on Availability, Reliability and Security (ARES)},
      year = {2007},
      month = {1},
      pages = {318-324},
      }
  • Andreas Ekelhart and Stefan Fenz and Markus Klemen and Edgar R. Weippl, "Security Ontologies: Improving Quantitative Risk Analysis," in Proceedings of the 40th Hawaii International Conference on System Sciences, HICSS2007, 2007, pp. 156-162. BibTeX | PDF
    @INPROCEEDINGS{Ekelhart_SecurityOntologiesImproving_2007,
      Author = {Andreas Ekelhart and Stefan Fenz and Markus Klemen and {Edgar R.} Weippl},
      title = {Security Ontologies: Improving Quantitative Risk Analysis},
      booktitle = {Proceedings of the 40th Hawaii International Conference on System Sciences, HICSS2007},
      year = {2007},
      month = {1},
      pdf = {2007 - Ekelhart - Security Ontologies Improving Quantitative Risk Analysis.pdf},
      pages = {156--162},
      publisher = {IEEE Computer Society},
      }
  • Bernhard Riedl and Oliver Jorns, "Secure Access to Emergency Data in an e-Health Architecture," in Proceeding of The 9th International Conference on Information Integration and Web-based Applications and Services (iiWAS2007), 2007. BibTeX
    @INPROCEEDINGS{Riedl_SecureAccessto_2007,
      Author = {Bernhard Riedl and Oliver Jorns},
      title = {Secure {A}ccess to {E}mergency {D}ata in an {e-H}ealth Architecture},
      booktitle = {Proceeding of {T}he 9th {I}nternational {C}onference on {I}nformation {I}ntegration and {W}eb-based {A}pplications and {S}ervices (ii{WAS}2007)},
      year = {2007},
      month = {1},
      abstract = {The introduction of the electronic health record (EHR) promises a decrease of costs as well as a better service quality for the patients. Nevertheless, with this planned life-long storage of sensitive data security issues arise, exemplarily privacy related-problems. Our approach PIPE (Pseudonymization of Information for Privacy in e-Health) guarantees appropriate security for personal data. Besides the anamnesis data, a special subset of medical data, emergency data exist, which has to be available just-in-time. Hence, complex authentication purposes occur. We provide a novel ad-hoc authentication mechanism for emergency data, which is based on the notion of pseudonyms.},
      }
  • Edgar R. Weippl and Gernot Goluch and Bernhard Riedl and Stefan Poechlinger, "Comparative Literature Review on RFID Security and Privacy," in Proceedings of The 9th International Conference on Information Integration and Web-based Applications and Services (iiWAS2007), 2007. BibTeX
    @INPROCEEDINGS{Riedl_ComparativeLiteratureReview_2007,
      Author = {{Edgar R.} Weippl and Gernot Goluch and Bernhard Riedl and Stefan Poechlinger},
      title = {Comparative Literature Review on RFID Security and Privacy},
      booktitle = {Proceedings of The 9th International Conference on Information Integration and Web-based Applications and Services (iiWAS2007)},
      year = {2007},
      month = {1},
      }
  • Thomas Neubauer and Christian Stummer, "Interactive Decision Support for multiobjective COTS Selection," in Proceedings of the 40th Hawaii International Conference on System Sciences, HICSS2007, 2007. BibTeX
    @INPROCEEDINGS{Neubauer_InteractiveDecisionSupport_2007,
      Author = {Thomas Neubauer and Christian Stummer},
      title = {Interactive Decision Support for multiobjective COTS Selection},
      booktitle = {Proceedings of the 40th Hawaii International Conference on System Sciences, HICSS2007},
      year = {2007},
      month = {1},
      }
  • Thomas Neubauer and Christian Stummer, "Entscheidungsunterstützung für die Auswahl von Softwarekomponenten bei mehrfachen Zielsetzungen," in Tagungsband Wirtschaftsinformatik, 2007. BibTeX
    @INPROCEEDINGS{Neubauer_Entscheidungsunterstuetzungfuerdie_2007,
      Author = {Thomas Neubauer and Christian Stummer},
      title = {Entscheidungsunterstützung für die Auswahl von Softwarekomponenten bei mehrfachen Zielsetzungen},
      booktitle = {Tagungsband Wirtschaftsinformatik},
      year = {2007},
      month = {1},
      }
  • Gernot Goluch and Thomas Neubauer and Bernhard Riedl, "A Research Agenda for Autonomous Business Process Management," in Proceedings of the Second International Conference on Availability, Reliability and Security ARES, 2007. BibTeX
    @INPROCEEDINGS{Neubauer_ResearchAgendaAutonomous_2007,
      Author = {Gernot Goluch and Thomas Neubauer and Bernhard Riedl},
      title = {A Research Agenda for Autonomous Business Process Management},
      booktitle = {{P}roceedings of the {S}econd {I}nternational {C}onference on {A}vailability, {R}eliability and {S}ecurity {ARES}},
      year = {2007},
      month = {1},
      publisher = {IEEE Computer Society},
      }
  • Christopher Kruegel and Engin Kirda and Sean McAllister and Christian Ludl, "On the Effectiveness of Techniques to Detect Phishing Sites," in Proceedings of the Conference on the Detection of Intrusions and Malware \& Vulnerability Assessment (DIMVA)., 2007. BibTeX
    @INPROCEEDINGS{Ludl_EffectivenessofTechniques_2007,
      Author = {Christopher Kruegel and Engin Kirda and Sean McAllister and Christian Ludl},
      title = {On the Effectiveness of Techniques to Detect Phishing Sites},
      booktitle = {Proceedings of the Conference on the Detection of Intrusions and Malware \& Vulnerability Assessment (DIMVA).},
      year = {2007},
      month = {1},
      abstract = {Phishing is an electronic online identity theft in which the attackers use a combination of social engineering and web site spoofing techniques to trick a user into revealing confidential information. This information is typically used to make an illegal economic profit (e.g., by online banking transactions, purchase of goods using stolen credentials, etc.). Although simple, phishing attacks are remarkably effective. As a re- sult, the numbers of successful phishing attacks have been continuously increasing and many anti-phishing solutions have been proposed. One popular and widely-deployed solution is the integration of blacklist-based anti-phishing techniques into browsers. However, it is currently unclear how effective such blacklisting approaches are in mitigating phishing at- tacks in real-life. In this paper, we report our findings on analyzing the effectiveness of two popular anti-phishing solutions. Over a period of three weeks, we automatically tested the effectiveness of the blacklists maintained by Google and Microsoft with 10,000 phishing URLs. Fur- thermore, by analyzing a large number of phishing pages, we explored the existence of page properties that can be used to identify phishing pages.},
      }
  • Gerald Quirchmayr and Simon Tjoa and Stefan Jakoubi, "ROPE: A Methodology for Enabling the Risk-Aware Modeling and Simulation of Business Processes," in Proceedings of the 15th European Conference on Information Systems (ECIS 2007), 2007. BibTeX
    @INPROCEEDINGS{Jakoubi_ROPEMethodologyEnabling_2007,
      Author = {Gerald Quirchmayr and Simon Tjoa and Stefan Jakoubi},
      title = {ROPE: A Methodology for Enabling the Risk-Aware Modeling and Simulation of Business Processes},
      booktitle = {Proceedings of the 15th European Conference on Information Systems (ECIS 2007)},
      year = {2007},
      month = {1},
      abstract = {Risk management is essential regarding the maintenance of a companys business processes. The ability of companies to prevent risks as well as to respond quickly and appropriately to emerging threats is increasingly becoming a crucial success factor. In order to cope with these challenges, companies constitute business process and risk management approaches. Traditional business process management focuses on the economical optimization of processes. Apart from that, risk management designs robust business processes to strengthen the resilience of daily business. Both domains try to improve business, but both approach this goal from a different view on the understanding of improvement. Due to the fact that optimizing recommendations of business process management and risk management may be contradictory, we propose one unified method that unites both points of views to enable risk-aware business process management and optimization. In this paper, we introduce the ROPE (Risk-Oriented Process Evaluation) methodology which combines capabilities of business process management, risk management and business continuity management to support the holistic evaluation of business processes not only regarding their economic efficiency but also their robustness and security. The basis for this combination are the refinement of business process activities into four atomic elements (Conditions, Actions, Resources and Environments) and a process-oriented way of modeling threats as well as security, counter and recovery measures. In this paper we demonstrate how to enable risk-aware business process management and simulation through the application of the ROPE methodology.},
      }
  • Alexander Schatten and Josef Schiefer and Szabolcs Rozsnyai and Roland Vecera, "Event Cloud – Searching for Correlated Business Events," in Proceedings of the 4th IEEE International Conference on Enterprise Computing, E-Commerce and E-Services (IEEE 07), 2007, pp. 409-420. BibTeX
    @INPROCEEDINGS{Rozsnyai_EventCloud_2007,
      Author = {Alexander Schatten and Josef Schiefer and Szabolcs Rozsnyai and Roland Vecera},
      title = {Event Cloud - Searching for Correlated Business Events},
      booktitle = {Proceedings of the 4th IEEE International Conference on Enterprise Computing, E-Commerce and E-Services (IEEE 07)},
      year = {2007},
      month = {7},
      abstract = {Market players that can respond to critical business events faster than their competitors will end up as winners in the fast moving economy. Event-based systems have been developed and used to implement networked and adaptive business environments based on loosely coupled systems. In this paper, we introduce Event Cloud, a system that allows searching for business events in a variety of contexts that also take the relationships between events into consideration. Event Cloud supports knowledge workers in their daily operations in order to perform investigations and analyses based on historical events. It enables users to search in large sets of historical events which are correlated and indexed in a data staging process with an easy-to-use search interface. For improving the search results, we propose an index based ranking system. We present an architecture for the Event Cloud system, which supports a continuous near real-time integration of business events with the aim of decreasing the time it takes to make them available for searching purposes. We have fully implemented the proposed architecture and discuss implementation details.},
      pages = {409-420},
      publisher = {IEEE Computer Society},
      }
  • Thomas Neubauer and Bernhard Riedl and Veronika Grascher, "Applying a Threshold Scheme to the Pseudonymization of Health Data," in Proceedings of the 13th IEEE Pacific Rim International Symposium on Dependable Computing (PRDC’07), 2007. BibTeX
    @INPROCEEDINGS{Riedl_ApplyingThresholdScheme_2007,
      Author = {Thomas Neubauer and Bernhard Riedl and Veronika Grascher},
      title = {Applying a Threshold Scheme to the Pseudonymization of Health Data},
      booktitle = {Proceedings of the 13th IEEE Pacific Rim International Symposium on Dependable Computing (PRDC'07)},
      year = {2007},
      month = {1},
      }
  • Thomas Neubauer and Christian Stummer, "Extending Business Process Management to Determine Efficient IT Investments," in Proceedings of the 2007 ACM Symposium on Applied Computing, 2007. BibTeX
    @INPROCEEDINGS{Neubauer_ExtendingBusinessProcess_2007,
      Author = {Thomas Neubauer and Christian Stummer},
      title = {Extending Business Process Management to Determine Efficient IT Investments},
      booktitle = {Proceedings of the 2007 ACM Symposium on Applied Computing},
      year = {2007},
      month = {1},
      }
  • Christopher Kruegel and Engin Kirda and Thomas Raffetseder, "Detecting System Emulators," in Proceedings of the Information Security Conference (ISC), 2007. BibTeX
    @INPROCEEDINGS{Raffetseder_DetectingSystemEmulators_2007,
      Author = {Christopher Kruegel and Engin Kirda and Thomas Raffetseder},
      title = {Detecting System Emulators},
      booktitle = {Proceedings of the Information Security Conference (ISC)},
      year = {2007},
      month = {10},
      }
  • Christopher Kruegel and Engin Kirda and Martin Szydlowski, "Secure Input for Web Applications," in Proceedings of the 23rd Annual Computer Security Applications Conference (ACSAC) 2007, 2007. BibTeX
    @INPROCEEDINGS{Szydlowski_SecureInputWeb_2007,
      Author = {Christopher Kruegel and Engin Kirda and Martin Szydlowski},
      title = {Secure {I}nput for {W}eb {A}pplications},
      booktitle = {Proceedings of the 23rd {A}nnual {C}omputer {S}ecurity {A}pplications {C}onference ({ACSAC}) 2007},
      year = {2007},
      month = {12},
      }
  • Witold Abramowicz and Andreas Ekelhart and Stefan Fenz and Monika Kaczmarek and A Min Tjoa and Edgar R. Weippl and Dominik Zyskowski, "Security aspects in Semantic Web Services Filtering," in Proceedings of the 9th International Conference on Information Integration and Web-based Applications and Services (iiWAS2007), 2007, pp. 21-31. BibTeX | PDF
    @INPROCEEDINGS{Abramowicz_Securityaspectsin_2007,
      Author = {Witold Abramowicz and Andreas Ekelhart and Stefan Fenz and Monika Kaczmarek and {A Min} Tjoa and {Edgar R.} Weippl and Dominik Zyskowski},
      title = {Security aspects in Semantic Web Services Filtering},
      booktitle = {Proceedings of the 9th International Conference on Information Integration and Web-based Applications and Services (iiWAS2007)},
      year = {2007},
      month = {1},
      pdf = {2007 - Abramowicz - Security Aspects in Semantic Web Services Filtering.pdf},
      volume = {229},
      pages = {21--31},
      publisher = {Austrian Computer Society},
      }
  • Stefan Fenz and Edgar R. Weippl and Andreas Ekelhart and Gernot Goluch and Bernhard Riedl, "Information Security Fortification by Ontological Mapping of the ISO IEC 27001 Standard," in Proceedings of the 13th Pacific Rim International Symposium on Dependable Computing, PRDC2007, 2007, pp. 381-388. BibTeX
    @INPROCEEDINGS{Fenz_InformationSecurityFortification_2007,
      Author = {Stefan Fenz and {Edgar R.} Weippl and Andreas Ekelhart and Gernot Goluch and Bernhard Riedl},
      title = {Information Security Fortification by Ontological Mapping of the ISO IEC 27001 Standard},
      booktitle = {Proceedings of the 13th Pacific Rim International Symposium on Dependable Computing, PRDC2007},
      year = {2007},
      month = {12},
      pages = {381-388},
      publisher = {IEEE Computer Society},
      note = {0-7695-3054-0},
      }
  • Edgar R. Weippl and Stefan Fenz and Andreas Ekelhart, "Security Ontologies: How to Improve Understanding of Complex Relationships," in Proceedings of the World Conference on Educational Multimedia, Hypermedia and Telecommunications 2007, 2007, pp. 404-407. BibTeX | PDF
    @INPROCEEDINGS{Weippl_SecurityOntologiesHow_2007,
      Author = {{Edgar R.} Weippl and Stefan Fenz and Andreas Ekelhart},
      title = {Security Ontologies: How to Improve Understanding of Complex Relationships},
      booktitle = {Proceedings of the World Conference on Educational Multimedia, Hypermedia and Telecommunications 2007},
      year = {2007},
      month = {6},
      pdf = {2007 - Weippl - Security Ontologies How to Improve Understanding of Complex Relationships.pdf},
      pages = {404--407},
      publisher = {AACE},
      }
  • Alexander Schatten and Josef Schiefer and Szabolcs Rozsnyai, "Solution Architecture for Detecting and Preventing Fraud in Real Time," in Proceedings of the The Second International Conference on Digital Information Management (ICDIM07), 2007. BibTeX
    @INPROCEEDINGS{Rozsnyai_SolutionArchitectureDetecting_2007,
      Author = {Alexander Schatten and Josef Schiefer and Szabolcs Rozsnyai},
      title = {Solution Architecture for Detecting and Preventing Fraud in Real Time},
      booktitle = {Proceedings of the The Second International Conference on Digital Information Management (ICDIM07)},
      year = {2007},
      month = {10},
      abstract = {Fraud has been an issue since the very beginnings of commerce. Today, as business moved into the online era, this topic has become a major issue in e-commerce. In this paper, we introduce a solution architecture for detection and preventing fraud in real time by using an event-based system called SARI (Sense and Respond Infrastructure). We present the architecture and components for a realtime fraud management solution which can be easily adapted to the business needs of domain experts and business users. The SARI system provides functions to monitor customer behavior as well as it can steer and optimize customer processes in real time. For illustrating our approach, we show fraud scenarios of an online gambling service provider.},
      publisher = {IEEE},
      }
  • Jörn-Marc Schmidt and Michael Hutter, "Optical and EM Fault-Attacks on CRT-based RSA: Concrete Results," in Proceedings of the Austrochip 2007, 2007, pp. 61-67. BibTeX
    @INPROCEEDINGS{Schmidt_OpticalandEM_2007,
      Author = {Jörn-Marc Schmidt and Michael Hutter},
      title = {Optical and EM Fault-Attacks on CRT-based RSA: Concrete Results},
      booktitle = {Proceedings of the Austrochip 2007},
      year = {2007},
      month = {10},
      abstract = {RSA is a well-known algorithm that is used in various cryptographic systems like smart cards and e-commerce applications. This article presents practical attacks on implementations of RSA that use the Chinese Remainder Theorem (CRT). The attacks have been performed by inducing faults into a cryptographic device through optical and electromagnetic injections. We show optical attacks using fibre-optic light guides. Furthermore, we present a new non-invasive electromagnetic fault-attack using high-frequency spark gaps. All attacks have been performed using low-cost equipment.},
      pages = {61--67},
      publisher = {Verlag der Technischen Universit},
      note = {ISBN 978-3-902465-87-0},
      }
  • Christopher Kruegel and Mihai Christodorescu and Somesh Jha, "Mining Specifications of Malicious Behavior," in Proceedings of the European Software Engineering Conference and the ACM Symposium on the Foundations of Software Engineering (ESEC FSE)., 2007. BibTeX
    @INPROCEEDINGS{Christodorescu_MiningSpecificationsof_2007,
      Author = {Christopher Kruegel and Mihai Christodorescu and Somesh Jha},
      title = {Mining Specifications of Malicious Behavior},
      booktitle = {Proceedings of the European Software Engineering Conference and the ACM Symposium on the Foundations of Software Engineering (ESEC FSE).},
      year = {2007},
      month = {9},
      }
  • Mark Strembeck and Gustaf Neumann and Gerald Stermsek, "User Profile Refinement Using Explicit User Interest Modeling," in 37. Jahrestagung der Gesellschaft für Informatik (GI), 2007. BibTeX
    @INPROCEEDINGS{Stermsek_User_Profile_Refinement_Using__2007,
      Author = {Mark Strembeck and Gustaf Neumann and Gerald Stermsek},
      title = {User Profile Refinement Using Explicit User Interest Modeling},
      booktitle = {37. Jahrestagung der Gesellschaft für Informatik (GI)},
      year = {2007},
      month = {9},
      abstract = {In this paper, we present an approach to refine user profiles that were derived from Web server logs in an automated procedure. In most application scenarios, such automatically derived profiles can only deliver a preliminary result and require human interaction for further refinement. We describe the individual steps to enhance and refine derived user profiles which can be used for personalization purposes (e.g. information filtering). In particular, the user can choose to refine the profile manually or use supporting techniques, such as ontologies, that assist him in the refinement process. In addition to information included in automatically derived profiles, the user thus explicitly provides information to refine his profile.},
      }
  • Christopher Kruegel and Engin Kirda and Paolo Milani Comparetti and Gilbert Wondracek, "Automatic Network Protocol Analysis," in Proceedings of the Network and Distributed System Security Symposium Conference (NDSS), San Diego 2007, 2007. BibTeX
    @INPROCEEDINGS{Wondracek_AutomaticNetworkProtocol_2007,
      Author = {Christopher Kruegel and Engin Kirda and Paolo Milani Comparetti and Gilbert Wondracek},
      title = {Automatic {N}etwork {P}rotocol {A}nalysis},
      booktitle = {Proceedings of the {N}etwork and {D}istributed {S}ystem {S}ecurity {S}ymposium {C}onference ({NDSS}), {S}an {D}iego 2007},
      year = {2007},
      month = {1},
      }
  • Christopher Kruegel and Engin Kirda and Andreas Moser, "Limits of Static Analysis for Malware Detection," in Proceedings of the 23rd Annual Computer Security Applications Conference (ACSAC) 2007, 2007. BibTeX | PDF
    @INPROCEEDINGS{Moser_LimitsofStatic_2007,
      Author = {Christopher Kruegel and Engin Kirda and Andreas Moser},
      title = {Limits of {S}tatic {A}nalysis for {M}alware {D}etection},
      booktitle = {Proceedings of the 23rd {A}nnual {C}omputer {S}ecurity {A}pplications {C}onference ({ACSAC}) 2007},
      year = {2007},
      month = {12},
      pdf = {Moser_LimitsofStatic_2007.pdf},
      }
  • Andreas Ekelhart and Stefan Fenz and Markus Klemen and Edgar R. Weippl, "Security Ontology: Simulating Threats to Corporate Assets," in Second International Conference on Information Systems Security (ICISS 2006), 2006, pp. 249-259. BibTeX | PDF
    @INPROCEEDINGS{Ekelhart_SecurityOntologySimulating_2006,
      Author = {Andreas Ekelhart and Stefan Fenz and Markus Klemen and {Edgar R.} Weippl},
      title = {Security Ontology: Simulating Threats to Corporate Assets},
      booktitle = {Second International Conference on Information Systems Security (ICISS 2006)},
      year = {2006},
      month = {12},
      pdf = {2006 - Ekelhart - Security Ontology Simulating Threats to Corporate Assets.pdf},
      volume = {4332_2006},
      pages = {249--259},
      publisher = {Springer Berlin Heidelberg},
      }
  • Edgar R. Weippl, "Addressing the Weakest Link: How to improve teaching of IT security," in Proceedings of ED-MEDIA 2006, 2006. BibTeX
  • Christopher Kruegel and Engin Kirda and Nenad Jovanovic, "Pixy: A Static Analysis Tool for Detecting Web Application Vulnerabilities (Short Paper).," in Proceedings of the IEEE Symposium on Security and Privacy 2006, 2006. BibTeX
    @INPROCEEDINGS{Jovanovic_PixyStaticAnalysis_2006,
      Author = {Christopher Kruegel and Engin Kirda and Nenad Jovanovic},
      title = {Pixy: A Static Analysis Tool for Detecting Web Application Vulnerabilities (Short Paper).},
      booktitle = {Proceedings of the IEEE Symposium on Security and Privacy 2006},
      year = {2006},
      month = {5},
      publisher = {IEEE Computer Society Press},
      }
  • Christopher Kruegel and Engin Kirda and Nenad Jovanovic and Stefan Kals, "SecuBat: A Web Vulnerability Scanner," in Proceedings of The 15th International World Wide Web Conference (WWW 2006), 2006. BibTeX
    @INPROCEEDINGS{Kals_SecuBatWebVulnerability_2006,
      Author = {Christopher Kruegel and Engin Kirda and Nenad Jovanovic and Stefan Kals},
      title = {SecuBat: A Web Vulnerability Scanner},
      booktitle = {Proceedings of The 15th International World Wide Web Conference (WWW 2006)},
      year = {2006},
      month = {5},
      abstract = {As the popularity of the web increases and web applications become tools of everyday use, the role of web security has been gaining importance as well. The last years have shown a significant increase in the number of web-based attacks. For example, there has been extensive press coverage of recent security incidences involving the loss of sensitive credit card information belonging to millions of customers. Many web application security vulnerabilities result from generic input validation problems. Examples of such vulnerabilities are SQL injection and Cross-Site Scripting (XSS). Although the majority of web vulnerabilities are easy to understand and to avoid, many web developers are, unfortunately, not security-aware. As a result, there exist many web sites on the Internet that are vulnerable. This paper demonstrates how easy it is for attackers to automatically discover and exploit application-level vulnerabilities in a large number of web applications. To this end, we developed SecuBat, a generic and modular web vulnerability scanner that, similar to a port scanner, automatically analyzes web sites with the aim of finding exploitable SQL injection and XSS vulnerabilities. Using SecuBat, we were able to find many potentially vulnerable web sites. To verify the accuracy of SecuBat, we picked one hundred interesting web sites from the potential victim list for further analysis and confirmed exploitable flaws in the identified web pages. Among our victims were well-known global companies and a finance ministry. Of course, we notified the administrators of vulnerable sites about potential security problems. More than fifty responded to request additional information or to report that the security hole was closed.},
      }
  • Christopher Kruegel and Engin Kirda and Ulrich Bayer, "TTAnalyze: A Tool for Analyzing Malware," in Proceedings of the 15th European Institute for Computer Antivirus Research (EICAR 2006) Annual Conference, 2006. BibTeX
    @INPROCEEDINGS{Bayer_TTAnalyzeToolAnalyzing_2006,
      Author = {Christopher Kruegel and Engin Kirda and Ulrich Bayer},
      title = {TTAnalyze: A Tool for Analyzing Malware},
      booktitle = {Proceedings of the 15th European Institute for Computer Antivirus Research (EICAR 2006) Annual Conference},
      year = {2006},
      month = {4},
      note = {Best Paper Award},
      }
  • Edgar R. Weippl and Thomas Neubauer and Christian Stummer, "Workshop-based Multiobjective Security Safeguard Selection," in Proceedings of the irst International Conference on Availability, Reliability and Security (ARES), 2006, pp. 366-373. BibTeX
    @INPROCEEDINGS{Neubauer_WorkshopbasedMultiobjectiveSecurity_2006,
      Author = {{Edgar R.} Weippl and Thomas Neubauer and Christian Stummer},
      title = {Workshop-based Multiobjective {S}ecurity Safeguard Selection},
      booktitle = {Proceedings of the irst International Conference on Availability, Reliability and Security (ARES)},
      year = {2006},
      month = {1},
      pages = {366--373},
      publisher = {IEEE Computer Society},
      }
  • Edgar R. Weippl and Gernot Goluch, "Nichtabstreitbarkeit und Audits in ELearning," in IRIS 2006, 2006. BibTeX
    @INPROCEEDINGS{Goluch_NichtabstreitbarkeitundAudits_2006,
      Author = {{Edgar R.} Weippl and Gernot Goluch},
      title = {Nichtabstreitbarkeit und Audits in ELearning},
      booktitle = {IRIS 2006},
      year = {2006},
      month = {1},
      }
  • Edgar R. Weippl and Stefan Biffl and Thomas Neubauer, "Digital Signatures with Familiar Appearance for e-Government Documents: Authentic PDF," in Proceedings of the International Conference on Availability, Reliability and Security (ARES’06), 2006, pp. 723-731. BibTeX
    @INPROCEEDINGS{Neubauer_DigitalSignatureswith_2006,
      Author = {{Edgar R.} Weippl and Stefan Biffl and Thomas Neubauer},
      title = {Digital Signatures with Familiar Appearance for e-Government Documents: Authentic PDF},
      booktitle = {Proceedings of the International Conference on Availability, Reliability and Security (ARES'06)},
      year = {2006},
      month = {1},
      pages = {723-731},
      }
  • Edgar R. Weippl and Thomas Neubauer and Arno Hollosi, "Digitale PDF-Signaturen mit der Bürgerkarte," in Proceedings of D-A-CH Security 2006, 2006. BibTeX
    @INPROCEEDINGS{Neubauer_DigitalePDFSignaturenmit_2006,
      Author = {{Edgar R.} Weippl and Thomas Neubauer and Arno Hollosi},
      title = {Digitale {P}{D}{F}-{S}ignaturen mit der {B}\"urgerkarte},
      booktitle = {Proceedings of D-A-CH Security 2006},
      year = {2006},
      month = {1},
      }
  • Christopher Kruegel and Engin Kirda and Nenad Jovanovic, "Preventing Cross Site Request Forgery Attacks," in In Proceedings of IEEE International Conference on Security and Privacy in Communication Networks (SecureComm), 2006. BibTeX
    @INPROCEEDINGS{Jovanovic_PreventingCrossSite_2006,
      Author = {Christopher Kruegel and Engin Kirda and Nenad Jovanovic},
      title = {Preventing Cross Site Request Forgery Attacks},
      booktitle = {In Proceedings of IEEE International Conference on Security and Privacy in Communication Networks (SecureComm)},
      year = {2006},
      month = {8},
      abstract = {The web has become an indispensable part of our lives. Unfortunately, as our dependency on the web increases, so does the interest of attackers in exploiting web applications and web-based information systems. Previous work in the field of web application security has mainly focused on the mitigation of Cross Site Scripting (XSS) and SQL injection attacks. In contrast, Cross Site Request Forgery (XSRF) attacks have not received much attention. In an XSRF attack, the trust of a web application in its authenticated users is exploited by letting the attacker make arbitrary HTTP requests on behalf of a victim user. The problem is that web applications typically act upon such requests without verifying that the performed actions are indeed intentional. Because XSRF is a relatively new security problem, it is largely unknown by web application developers. As a result, there exist many web applications that are vulnerable to XSRF. Unfortunately, existing mitigation approaches are time-consuming and error-prone, as they require manual effort to integrate defense techniques into existing systems. In this paper, we present a solution that provides a completely automatic protection from XSRF attacks. More precisely, our approach is based on a server-side proxy that detects and prevents XSRF attacks in a way that is transparent to users as well as to the web application itself. We provide experimental results that demonstrate that we can use our prototype to secure a number of popular open-source web applications, without negatively affecting their behavior.},
      }
  • Stefan Biffl and Gernot Goluch and Dietmar Winkler and Ramona Varvaroi, "An Empirical Study On Integrating Analytical Quality Assurance Into Pair Programming," in Proceedings of 5th ACM-IEEE International Symposium on Empirical Software Engineering, 2006. BibTeX
    @INPROCEEDINGS{Winkler_EmpiricalStudyIntegrating_2006,
      Author = {Stefan Biffl and Gernot Goluch and Dietmar Winkler and Ramona Varvaroi},
      title = {An Empirical Study On Integrating Analytical Quality Assurance Into Pair Programming},
      booktitle = {Proceedings of 5th ACM-IEEE International Symposium on Empirical Software Engineering},
      year = {2006},
      month = {1},
      }
  • Markus Klemen and Stefan Biffl and Thomas Neubauer, "Secure Business Process Management: A Roadmap," in Proceedings of the First International Conference on Availability, Reliability and Security (ARES), 2006, pp. 457-464. BibTeX
    @INPROCEEDINGS{Neubauer_SecureBusinessProcess_2006,
      Author = {Markus Klemen and Stefan Biffl and Thomas Neubauer},
      title = {Secure Business Process Management: A Roadmap},
      booktitle = {Proceedings of the First International Conference on Availability, Reliability and Security (ARES)},
      year = {2006},
      month = {1},
      pages = {457--464},
      publisher = {IEEE Computer Society},
      }
  • Christopher Kruegel and Engin Kirda and Manuel Egele and Martin Szydlowski, "Using Static Program Analysis to Aid Intrusion Detection," in Proceedings of Detection of Intrusions and Malware and Vulnerability Assessment, 2006. BibTeX
    @INPROCEEDINGS{Egele_UsingStaticProgram_2006,
      Author = {Christopher Kruegel and Engin Kirda and Manuel Egele and Martin Szydlowski},
      title = {Using Static Program Analysis to Aid Intrusion Detection},
      booktitle = {Proceedings of Detection of Intrusions and Malware and Vulnerability Assessment},
      year = {2006},
      month = {7},
      abstract = {The Internet, and in particular the world-wide web, have become part of the everyday life of millions of people. With the growth of the web, the demand for on-line services rapidly increased. Today, whole industry branches rely on the Internet to do business. Unfortunately, the success of the web has recently been overshadowed by frequent reports of security breaches. Attackers have discovered that poorly written web applications are the Achilles heel of many organizations. The reason is that these applications are directly available through firewalls and are often developed by programmers who focus on features and tight schedules instead of security. In previous work, we developed an anomaly-based intrusion detection system that uses learning techniques to identify attacks against webbased applications. That system focuses on the analysis of the request parameters in client queries, but does not take into account any information about the protected web applications themselves. The result are imprecise models that lead to more false positives and false negatives than necessary. In this paper, we describe a novel static source code analysis approach for PHP that allows us to incorporate information about a web application into the intrusion detection models. The goal is to obtain a more precise characterization of web request parameters by analyzing their usage by the program. This allows us to generate more precise intrusion detection models. In particular, our analysis allows us to determine the names of request parameters expected by a program and provides information about their types, structure, or even concrete value sets. Our experimental evaluation demonstrates that the information derived statically from web applications closely characterizes the parameter values observed in real-world traffic.},
      }
  • Stefan Fenz and Edgar R. Weippl, "Ontology-based IT-Security Planning," in Proceedings of the 12th Pacific Rim International Symposium on Dependable Computing, PRDC2006, 2006, pp. 389-390. BibTeX | PDF
    @INPROCEEDINGS{Fenz_OntologybasedITSecurityPlanning_2006,
      Author = {Stefan Fenz and {Edgar R.} Weippl},
      title = {Ontology-based IT-Security Planning},
      booktitle = {Proceedings of the 12th Pacific Rim International Symposium on Dependable Computing, PRDC2006},
      year = {2006},
      month = {12},
      abstract = {IT-security has become a much diversified field and small and medium sized enterprises (SMEs), in particular, do not have the financial ability to implement a holistic IT-security approach. We thus propose a security ontology, to provide a solid base for an applicable and holistic IT-security approach for SMEs, enabling low-cost risk management and threat analysis.},
      pdf = {2006 - Fenz - Ontology-based IT Security Planning.pdf},
      pages = {389-390},
      publisher = {IEEE Computer Society},
      note = {9353421},
      }
  • Andreas Ekelhart and Stefan Fenz and Markus Klemen and A Min Tjoa and Edgar R. Weippl, "Ontology-based Business Knowledge for Simulating Threats to Corporate Assets," in Practical Aspects of Knowledge Management, 6th International Conference, PAKM 2006, 2006, pp. 37-48. BibTeX | PDF
    @INPROCEEDINGS{Ekelhart_OntologybasedBusinessKnowledge_2006,
      Author = {Andreas Ekelhart and Stefan Fenz and Markus Klemen and {A Min} Tjoa and {Edgar R.} Weippl},
      title = {Ontology-based Business Knowledge for Simulating Threats to Corporate Assets},
      booktitle = {Practical Aspects of Knowledge Management, 6th International Conference, PAKM 2006},
      year = {2006},
      month = {12},
      pdf = {2006 - Ekelhart - Ontology-based Business Knowledge for Simulating Threats to Corporate Assets.pdf},
      volume = {4333_2006},
      pages = {37--48},
      publisher = {Springer Berlin Heidelberg},
      }
  • Christopher Kruegel and Engin Kirda and Giovanni Vigna and Patrick Klinkoff, "Extending .NET Security to Unmanaged Code," in In Proceedings of the 9th Information Security Conference (ISC 2006), 2006. BibTeX
    @INPROCEEDINGS{Klinkoff_ExtendingNETSecurity_2006,
      Author = {Christopher Kruegel and Engin Kirda and Giovanni Vigna and Patrick Klinkoff},
      title = {Extending .NET Security to Unmanaged Code},
      booktitle = {In Proceedings of the 9th Information Security Conference (ISC 2006)},
      year = {2006},
      month = {9},
      }
  • Mark Strembeck and Uwe Zdun, "Modeling Composition in Dynamic Programming Environments with Model Transformations," in 5th International Symposium on Software Composition (SC),, 2006. BibTeX
    @INPROCEEDINGS{Zdun_Modeling_Composition_in_Dynami_2006,
      Author = {Mark Strembeck and Uwe Zdun},
      title = {Modeling Composition in Dynamic Programming Environments with Model Transformations},
      booktitle = {5th International Symposium on Software Composition (SC), },
      year = {2006},
      month = {3},
      }
  • Christopher Kruegel and Engin Kirda and Giovanni Vigna and Patrick Klinkoff, "Extending .NET Security to Unmanaged Code," in In Proceedings of the 9th Information Security Conference (ISC 2006), 2006. BibTeX
    @INPROCEEDINGS{Klinkoff_Extending.NETSecurity_2006,
      Author = {Christopher Kruegel and Engin Kirda and Giovanni Vigna and Patrick Klinkoff},
      title = {Extending .NET Security to Unmanaged Code},
      booktitle = {In Proceedings of the 9th Information Security Conference (ISC 2006)},
      year = {2006},
      month = {9},
      abstract = {The number of applications that are downloaded from the Internet and executed on-the-fly is increasing every day. Unfortunately, not all of these applications are benign, and, often, users are unsuspecting and unaware of the intentions of a program. To facilitate and secure this growing class of mobile code, Microsoft introduced the .NET framework, a new development and runtime environment where machineindependent byte-code is executed by a virtual machine. An important feature of this framework is that it allows access to native libraries to support legacy code or to directly invoke the Windows API. Such native code is called unmanaged (as opposed to managed code). Unfortunately, the execution of unmanaged native code is not restricted by the .NET security model, and, thus, provides the attacker with a mechanism to completely circumvent the framework's security mechanisms. The approach described in this paper uses a sandboxing mechanism to prevent an attacker from executing malicious, unmanaged code that is not permitted by the security policy. Our sandbox is implemented as two security layers, one on top of the Windows API and one in the kernel. Also, managed and unmanaged parts of an application are automatically separated and executed in two different processes. This ensures that potentially unsafe code can neither issue system calls not permitted by the .NET security policy nor tamper with the memory of the .NET runtime. Our proof-of-concept implementation is transparent to applications and secures unmanaged code with a generally acceptable performance penalty. To the best of our knowledge, the presented architecture and implementation is the first solution to secure unmanaged code in .NET.},
      }
  • Christopher Kruegel and Engin Kirda and Giovanni Vigna and Richard A. Kemmerer and Greg Banks, "Behavior-Based Spyware Detection," in Proceedings of USENIX Security 06, 2006. BibTeX
    @INPROCEEDINGS{Kirda_BehaviorBasedSpywareDetection_2006,
      Author = {Christopher Kruegel and Engin Kirda and Giovanni Vigna and Richard A. Kemmerer and Greg Banks},
      title = {Behavior-Based Spyware Detection},
      booktitle = {Proceedings of USENIX Security 06},
      year = {2006},
      month = {8},
      }
  • Markus Klemen and Stefan Biffl and Thomas Neubauer, "Business Process-based Valuation of IT-Security," in International ACM Conference on Software Engineering, Proceedings of the seventh international workshop on economics-driven software engineering research (EDSER’05), 2005. BibTeX
    @INPROCEEDINGS{Neubauer_BusinessProcessbasedValuation_2005,
      Author = {Markus Klemen and Stefan Biffl and Thomas Neubauer},
      title = {Business {P}rocess-based {V}aluation of {IT}-{S}ecurity},
      booktitle = {International {ACM} {C}onference on {S}oftware {E}ngineering, {P}roceedings of the seventh international workshop on economics-driven software engineering research ({EDSER}'05)},
      year = {2005},
      month = {1},
      }
  • Stefan Biffl and Gernot Goluch and Silvia Miksch and Bettina Thurnher and Dietmar Winkler and Wolfgang Aigner, "An Empirical investigation on the Visualization of Temporal Uncertainties in Software Engineering Project Planning," in Proceedings of 5th ACM-IEEE International Symposium on Empirical Software Engineering, 2005. BibTeX
    @INPROCEEDINGS{Biffl_EmpiricalinvestigationVisualization_2005,
      Author = {Stefan Biffl and Gernot Goluch and Silvia Miksch and Bettina Thurnher and Dietmar Winkler and Wolfgang Aigner},
      title = {An Empirical investigation on the Visualization of Temporal Uncertainties in Software Engineering Project Planning},
      booktitle = {Proceedings of 5th ACM-IEEE International Symposium on Empirical Software Engineering},
      year = {2005},
      month = {1},
      }
  • A Min Tjoa and Stefan Fenz and Edgar R. Weippl and Markus Klemen and Andreas Ekelhart, "The Semantic Desktop: A Semantic Personal Information Management System based on RDF and Topic Maps," in Proceedings of the ODBIS Workshop, 31st International Conference on Very Large Data Bases (VLDB) 2005, 2005, pp. 135-151. BibTeX
    @INPROCEEDINGS{Weippl_SemanticDesktopSemantic_2005,
      Author = {{A Min} Tjoa and Stefan Fenz and {Edgar R.} Weippl and Markus Klemen and Andreas Ekelhart},
      title = {The Semantic Desktop: A Semantic Personal Information Management System based on RDF and Topic Maps},
      booktitle = {Proceedings of the ODBIS Workshop, 31st International Conference on Very Large Data Bases (VLDB) 2005},
      year = {2005},
      month = {10},
      number = {4623},
      pages = {135-151},
      }
  • A Min Tjoa and Edgar R. Weippl, "Privacy in E-learning: How to Implement Anonymity," in Proceedings the 3rd ACS/IEEE International Conference on Computer Systems and Applications (AICCSA-05), Workshop on E-Learning Online Communities (eLOC), 2005. BibTeX
    @INPROCEEDINGS{Weippl_PrivacyinElearning_2005a,
      Author = {{A Min} Tjoa and {Edgar R.} Weippl},
      title = {Privacy in E-learning: How to Implement Anonymity},
      booktitle = {Proceedings the 3rd ACS/IEEE International Conference on Computer Systems and Applications (AICCSA-05), Workshop on E-Learning Online Communities (eLOC)},
      year = {2005},
      month = {1},
      }
  • Edgar R. Weippl, "Dependability in E-Assessment," in Proceedings of ED-MEDIA 2005, 2005. BibTeX
    @INPROCEEDINGS{Weippl_DependabilityinEAssessment_2005,
      Author = {{Edgar R.} Weippl},
      title = {Dependability in E-Assessment},
      booktitle = {Proceedings of ED-MEDIA 2005},
      year = {2005},
      month = {1},
      }
  • Edgar R. Weippl, "Non-Repudiation and Audits in E-Learning, invited paper," in Proceedings of E-Learn 2005, 2005, pp. 1785-1790. BibTeX
    @INPROCEEDINGS{Weippl_NonRepudiationandAudits_2005,
      Author = {{Edgar R.} Weippl},
      title = {Non-Repudiation and Audits in E-Learning, invited paper},
      booktitle = {Proceedings of E-Learn 2005},
      year = {2005},
      month = {1},
      pages = {1785--1790},
      }
  • Edgar R. Weippl and Eva Gahleitner and Wernher Behrendt and Juergen Palkoska, "On Cooperatively Creating Dynamic Ontologies," in Proceedings of the 16th ACM Conference on Hypertext and Hypermedia, 2005. BibTeX | PDF
    @INPROCEEDINGS{Gahleitner_CooperativelyCreatingDynamic_2005,
      Author = {{Edgar R.} Weippl and Eva Gahleitner and Wernher Behrendt and Juergen Palkoska},
      title = {On Cooperatively Creating Dynamic Ontologies},
      booktitle = {Proceedings of the 16th ACM Conference on Hypertext and Hypermedia},
      year = {2005},
      month = {9},
      pdf = {p208-gahleitner.pdf},
      publisher = {ACM},
      acm = {878760},
      }
  • Edgar R. Weippl and Gerald Futschek and Hakan Kalinyaprak and Georg Blaha, "E-Learning without Text and Language: A Language-Free Learning Model," in Proceedings of EDMEDIA 2005, 2005. BibTeX
    @INPROCEEDINGS{Kalinyaprak_ELearningwithoutText_2005,
      Author = {{Edgar R.} Weippl and Gerald Futschek and Hakan Kalinyaprak and Georg Blaha},
      title = {E-Learning without Text and Language: A Language-Free Learning Model},
      booktitle = {Proceedings of EDMEDIA 2005},
      year = {2005},
      month = {6},
      }
  • Edgar R. Weippl and Markus Klemen and Manfred Linnert and Stefan Fenz and Gernot Goluch and A Min Tjoa, "Semantic Storage: A Report on Performance and Flexibility," in Database and Expert Systems Applications, 16th International Conference, DEXA 2005, 2005, pp. 586-595. BibTeX | PDF
    @INPROCEEDINGS{Weippl_SemanticStorageReport_2005,
      Author = {{Edgar R.} Weippl and Markus Klemen and Manfred Linnert and Stefan Fenz and Gernot Goluch and {A Min} Tjoa},
      title = {Semantic Storage: A Report on Performance and Flexibility},
      booktitle = {Database and Expert Systems Applications, 16th International Conference, DEXA 2005},
      year = {2005},
      month = {8},
      abstract = {Desktop search tools are becoming more popular. They have to deal with increasing amounts of locally stored data. Another approach is to analyze the semantic relationship between collected data in order to preprocess the data semantically. The goal is to allow searches based on relationships between various objects instead of focusing on the name of objects. We introduce a database architecture based on an existing software prototype, which is capable of meeting the various demands for a semantic information manager. We describe the use of an association table which stores the relationships between events. It enables adding or removing data items easily without the need for schema modifications. Existing optimization techniques of RDBMS can still be used.},
      pdf = {2005-Weippl.pdf},
      volume = {3588_2005},
      pages = {586-595},
      publisher = {Springer Berlin Heidelberg},
      }
  • Thomas Neubauer, "Value-Based Decision Support in Software Engineering," in Proceedings of the Alpine Software Engineering Workshop 2004, 2004. BibTeX
    @INPROCEEDINGS{Neubauer_ValueBasedDecisionSupport_2004,
      Author = {Thomas Neubauer},
      title = {Value-{B}ased {D}ecision {S}upport in {S}oftware {E}ngineering},
      booktitle = {Proceedings of the Alpine {S}oftware {E}ngineering {W}orkshop 2004},
      year = {2004},
      month = {1},
      }
  • Otto Hellwig, "CIRCA – Computer Incident Response Coordination Austria," in DACH Security 2004, 2004. BibTeX
    @INPROCEEDINGS{Hellwig2004CIRCA,
      Author = {Otto Hellwig},
      title = {CIRCA - Computer Incident Response Coordination Austria},
      booktitle = {DACH Security 2004},
      year = {2004},
      month = {0},
      }
  • Edgar R. Weippl, "Building secure knowledge bases: combining Java agents and DBagents," in Proceedings of the fifth international conference on Autonomous agents (AGENTS), 2001. BibTeX | PDF
    @INPROCEEDINGS{_Building_secure_knowledge_base_2001,
      Author = {{Edgar R.} Weippl},
      title = {Building secure knowledge bases: combining Java agents and DBagents},
      booktitle = {Proceedings of the fifth international conference on Autonomous agents (AGENTS)},
      year = {2001},
      month = {5},
      pdf = {p212-weippl.pdf},
      acm = {06996},
      }
  • Edgar R. Weippl and Hans Lohninger, "Knowledge Landscapes: A VR Interface for CBT Knowledge Bases," in 10th European-Japanese Conference on Information Modeling and Knowledge Bases, 2000. BibTeX
    @INPROCEEDINGS{weippl_bm,
      Author = {{Edgar R.} Weippl and Hans Lohninger},
      title = {Knowledge Landscapes: A VR Interface for CBT Knowledge Bases},
      booktitle = {10th European-Japanese Conference on Information Modeling and Knowledge Bases},
      year = {2000},
      month = {5},
      note = {Reprinted in Kangassalo H., Jaakkola H., Kawaguchi E. (eds), Information Modelling and Knowledge Bases XII, 271-274, ISBN 1-58603-1635. IOS Press, Amsterdam, 2001.},
      }
  • Edgar R. Weippl and Hans Lohninger, "Teach Me: Leveraging CBT-Course Efficiency Using Improved User Interfaces," in Proceedings of the International Conference on Information and Communication Technologies for Education (EDICT), 2000, pp. 355-362. BibTeX
    @INPROCEEDINGS{weippl_bj,
      Author = {{Edgar R.} Weippl and Hans Lohninger},
      title = {Teach Me: Leveraging CBT-Course Efficiency Using Improved User Interfaces},
      booktitle = {Proceedings of the International Conference on Information and Communication Technologies for Education (EDICT)},
      year = {2000},
      month = {12},
      pages = {355-362},
      }
  • Edgar R. Weippl, "Coimbra: secure Web access to multimedia content," in Proceedings of the 2000 ACM workshops on Multimedia (MULTIMEDIA), 2000. BibTeX | PDF
    @INPROCEEDINGS{_Coimbra_secure_Web_access_to_m_2000,
      Author = {{Edgar R.} Weippl},
      title = {Coimbra: secure Web access to multimedia content},
      booktitle = {Proceedings of the 2000 ACM workshops on Multimedia (MULTIMEDIA)},
      year = {2000},
      month = {11},
      pdf = {p145-weippl.pdf},
      acm = {90340},
      }
  • Edgar R. Weippl and Wolfgang Essmayr, "Fine Grained Replication in Distributed Databases: A Taxonomy and Practical Considerations," in Proceedings of the 11th International Conference on Database and Expert Systems Applications (DEXA), 2000. BibTeX
    @INPROCEEDINGS{weippl_bk,
      Author = {{Edgar R.} Weippl and Wolfgang Essmayr},
      title = {Fine Grained Replication in Distributed Databases: A Taxonomy and Practical Considerations},
      booktitle = {Proceedings of the 11th International Conference on Database and Expert Systems Applications (DEXA)},
      year = {2000},
      month = {9},
      publisher = {LNCS Springer},
      }
  • Edgar R. Weippl and Wolfgang Essmayr, "Identity Mapping: An Approach to Unravel Enterprise Security Management Policies," in Proceedings of the 16th IFIP World Computer Congress, 2000. BibTeX
    @INPROCEEDINGS{weippl_bl,
      Author = {{Edgar R.} Weippl and Wolfgang Essmayr},
      title = {Identity Mapping: An Approach to Unravel Enterprise Security Management Policies},
      booktitle = {Proceedings of the 16th IFIP World Computer Congress},
      year = {2000},
      month = {8},
      publisher = {Kluwer},
      }
  • Edgar R. Weippl and Hans Lohninger, "Evaluating CBT Software Usage in Schools and Universities," in Proceedings of the 19th IDCE World Conference On Open Learning And Distance Education, 1999. BibTeX
    @INPROCEEDINGS{weippl_bo,
      Author = {{Edgar R.} Weippl and Hans Lohninger},
      title = {Evaluating CBT Software Usage in Schools and Universities},
      booktitle = {Proceedings of the 19th IDCE World Conference On Open Learning And Distance Education},
      year = {1999},
      month = {6},
      }
  • Edgar R. Weippl and Hans Lohninger, "Special Requirements for Information Visualization in CBT," in Proceedings of Edu Compugraphics 97, 1997, pp. 133-139. BibTeX
    @INPROCEEDINGS{weippl_bp,
      Author = {{Edgar R.} Weippl and Hans Lohninger},
      title = {Special Requirements for Information Visualization in CBT},
      booktitle = {Proceedings of Edu Compugraphics 97},
      year = {1997},
      month = {12},
      pages = {133-139},
      note = {ISBN 972-8342-02-0},
      }
  • Otto Hellwig, "Öffentliche Datenbanken und Netzwerke in Österreich," in Neue Informationstechnologien und Verwaltung, Fachtagung, Linz, 1983. BibTeX
    @INPROCEEDINGS{Hellwig1983ffentliche,
      Author = {Otto Hellwig},
      title = {Öffentliche Datenbanken und Netzwerke in Österreich},
      booktitle = {Neue Informationstechnologien und Verwaltung, Fachtagung, Linz},
      year = {1983},
      month = {9},
      }
  • Edgar R. Weippl and Viesturs Kaugers, "Recent developments in model-driven architecture and security," in NA, 1900. BibTeX
    @INPROCEEDINGS{Kaugers_Recent_developments_in_model_d_2010,
      Author = {{Edgar R.} Weippl and Viesturs Kaugers},
      title = {Recent developments in model-driven architecture and security},
      booktitle = {NA},
      year = {1900},
      month = {0},
      abstract = {Security is definitely one of the most important aspects in business information systems. This aspect is strongly related to costs, risks and reputation of organization. Currently innovative way to develop software is offered by model-driven architecture. This architecture uses models and transformations to generate executable code. Along with model-driven architecture there is one more approach based on mentioned methodology for developing secure systems. its called model-driven security. It uses the same principles as model-driven security but also introduces new ones like special languages for modeling security requirements, frameworks for building secure systems and means to define security policies. This paper describes current situation, presents overview of topical and perspective model-driven architecture and security developments and gives conclusions on the subject.},
      note = {Unpublished yet},
      }

patent

  • Thomas Neubauer and Bernhard Riedl and Oswald Boehm, Data processing system for processing of object data, 2007. BibTeX
    @PATENT{Riedl_Dataprocessingsystem_2007a,
      Author = {Thomas Neubauer and Bernhard Riedl and Oswald Boehm},
      title = {Data processing system for processing of object data},
      booktitle = {US-Provisional-Application},
      year = {2007},
      month = {1},
      }
  • Thomas Neubauer and Bernhard Riedl and Oswald Boehm, Datenverarbeitungssystem zur Verarbeitung von Objektdaten, 2007. BibTeX
    @PATENT{Riedl_DatenverarbeitungssystemzurVerarbeitung_2007,
      Author = {Thomas Neubauer and Bernhard Riedl and Oswald Boehm},
      title = {Datenverarbeitungssystem zur {V}erarbeitung von {O}bjektdaten},
      booktitle = {Austrian Patent, Nr. 503291, September},
      year = {2007},
      month = {1},
      }
  • Thomas Neubauer and Bernhard Riedl and Oswald Boehm, Data processing system for processing of object data, 2007. BibTeX
    @PATENT{Riedl_Dataprocessingsystem_2007,
      Author = {Thomas Neubauer and Bernhard Riedl and Oswald Boehm},
      title = {Data processing system for processing of object data},
      booktitle = {PCT-Provisional-Application},
      year = {2007},
      month = {1},
      }

techreport

  • Bernhard Hoisl and Stefan Sobernig and Mark Strembeck, "A Catalog of Reusable Design Decisions for Developing UML/MOF-based Domain-specific Modeling Languages," 2015. BibTeX | PDF
    @TECHREPORT{Hoisl2015Catalog,
      Author = {Bernhard Hoisl and Stefan Sobernig and Mark Strembeck},
      title = {A Catalog of Reusable Design Decisions for Developing UML/MOF-based Domain-specific Modeling Languages},
      booktitle = {Technical Reports (Institute for Information Systems and New Media, WU Vienna)},
      year = {2015},
      month = {2},
      pdf = {http://nm.wu.ac.at/nm/file/catalog-post-study.pdf?m=download},
      volume = {108},
      }
  • Stefan Sobernig and Bernhard Hoisl and Mark Strembeck, "Protocol for a Systematic Literature Review on Design Decisions for UML-based DSMLs," 2015. BibTeX | PDF
    @TECHREPORT{Sobernig2015Protocol,
      Author = {Stefan Sobernig and Bernhard Hoisl and Mark Strembeck},
      title = {Protocol for a Systematic Literature Review on Design Decisions for UML-based DSMLs},
      booktitle = {Technical Reports (Institute for Information Systems and New Media, WU Vienna)},
      year = {2015},
      month = {2},
      pdf = {http://nm.wu.ac.at/nm/file/protocol.pdf?m=download},
      }
  • Maria Leitner and Zhendong Ma and Stefanie Rinderle-Ma, "A Cross-Layer Security Analysis for Process-Aware Information Systems," 2015. BibTeX | PDF
    @TECHREPORT{Leitner2015CrossLayer,
      Author = {Maria Leitner and Zhendong Ma and Stefanie Rinderle-Ma},
      title = {A Cross-Layer Security Analysis for Process-Aware Information Systems},
      booktitle = {arxiv.org},
      year = {2015},
      month = {7},
      pdf = {http://arxiv.org/pdf/1507.03415v1.pdf},
      }
  • Martin Schmiedecker, "New challenges in digital forensics: online storage and anonymous communication," 2014. BibTeX | PDF | Slides
    @TECHREPORT{Mulazzani2014challenges,
      Author = {Martin Schmiedecker},
      title = {New challenges in digital forensics: online storage and anonymous communication},
      booktitle = {PhD Thesis},
      year = {2014},
      month = {0},
      pdf = {dissertation_Mulazzani.pdf},
      link_slides = {http://www.slideshare.net/SBAResearch/presentation-diss},
      }
  • Lukas Weichselbaum and Matthias Neugschwandtner and Martina Lindorfer and Yanick Fratantonio and Victor Van der Veen and Christian Platzer, "Andrubis: Android Malware Under The Magnifying Glass," 2014. BibTeX | PDF
    @TECHREPORT{Weichselbaum2014Andrubis,
      Author = {Lukas Weichselbaum and Matthias Neugschwandtner and Martina Lindorfer and Yanick Fratantonio and Victor {Van der Veen} and Christian Platzer},
      title = {Andrubis: Android Malware Under The Magnifying Glass},
      booktitle = {Technical Report},
      year = {2014},
      month = {7},
      pdf = {iseclab.org/papers/andrubis_techreport.pdf},
      }
  • Manuel Leithner and Edgar R. Weippl, "Book Review: Thors Microsoft Security Bible by Timothy Thor Mullen," 2012. BibTeX
    @TECHREPORT{_Book_Review_Thor_s_Microsoft_S_2012,
      Author = {Manuel Leithner and {Edgar R.} Weippl},
      title = {Book Review: Thors Microsoft Security Bible by Timothy Thor Mullen},
      booktitle = {Computers & Security},
      year = {2012},
      month = {5},
      }
  • Manuel Leithner and Edgar R. Weippl, "Book Review: Xbox360 Forensics by Steven Bolt," 2012. BibTeX
    @TECHREPORT{_Book_Review_Xbox360_Forensics__2012,
      Author = {Manuel Leithner and {Edgar R.} Weippl},
      title = {Book Review: Xbox360 Forensics by Steven Bolt},
      booktitle = {Computers & Security},
      year = {2012},
      month = {5},
      note = {Not Peer Reviewed},
      }
  • Martin Schmiedecker and Philipp Reschl and Markus Huber and Manuel Leithner and Edgar R. Weippl, "Fast and Efficient Browser Identification with JavaScript Engine Fingerprinting," 2012. BibTeX | PDF
    @TECHREPORT{_Fast_and_Efficient_Browser_Ide_2012,
      Author = {Martin Schmiedecker and Philipp Reschl and Markus Huber and Manuel Leithner and {Edgar R.} Weippl},
      title = {Fast and Efficient Browser Identification with JavaScript Engine Fingerprinting},
      booktitle = {Technical Report TR-SBA-Research-0512-01},
      year = {2012},
      month = {5},
      pdf = {jsfingerprinting_Tech_Report.pdf},
      }
  • Bernhard Hoisl and Stefan Sobernig and Sigrid Schefer Wenzl and Mark Strembeck and Anne Baumgrass, "A Catalog of Reusable Design Decisions for Developing UML- and MOF-based Domain-Specific Modeling Languages," 2012. BibTeX
    @TECHREPORT{_A_Catalog_of_Reusable_Design_D_2012,
      Author = {Bernhard Hoisl and Stefan Sobernig and Sigrid Schefer Wenzl and Mark Strembeck and Anne Baumgrass},
      title = {A Catalog of Reusable Design Decisions for Developing UML- and MOF-based Domain-Specific Modeling Languages},
      booktitle = {Technical Report},
      year = {2012},
      month = {0},
      note = {Technical Reports},
      }
  • Aleksandar Hudic and Edgar R. Weippl, "Book Review: Private Cloud Computing: Consolidation, Virtualization, and Service Oriented Infrastructure by Stephen R Smoot, Nam K Tan," 2012. BibTeX
    @TECHREPORT{_Book_Review_Private_Cloud_Comp_2012,
      Author = {Aleksandar Hudic and {Edgar R.} Weippl},
      title = {Book Review: Private Cloud Computing: Consolidation, Virtualization, and Service Oriented Infrastructure by Stephen R Smoot, Nam K Tan},
      booktitle = {Computers & Security},
      year = {2012},
      month = {5},
      }
  • Edgar R. Weippl, "Book Review: Enterprise Security for the Executive by Jennifer L. Bayuk," 2012. BibTeX
    @TECHREPORT{_Book_Review_Enterprise_Securit_2012,
      Author = {{Edgar R.} Weippl},
      title = {Book Review: Enterprise Security for the Executive by Jennifer L. Bayuk },
      booktitle = {Computers & Security},
      year = {2012},
      month = {5},
      }
  • Markus Huber and Martin Schmiedecker and Gerhard Kitzler and Sigrun Goluch and Edgar R. Weippl, "Friend-in-the-middle Attacks," 2010. BibTeX | PDF
    @TECHREPORT{Huber2010Friendin-the-middle,
      Author = {Markus Huber and Martin Schmiedecker and Gerhard Kitzler and Sigrun Goluch and {Edgar R.} Weippl},
      title = {Friend-in-the-middle Attacks},
      booktitle = {Technical Report},
      year = {2010},
      month = {1},
      pdf = {FITM_TR-SBA-Research-0710-01.pdf},
      }

thesis

  • Christoph Mahrl, "Instant Messaging und Presence Security – Analyse von Maßnahmen für sichere und anonyme Kommunikation," , 2015. BibTeX | PDF
    @THESIS{Mahrl2015Instant,
      Author = {Christoph Mahrl},
      title = {Instant Messaging und Presence Security – Analyse von Maßnahmen für sichere und anonyme Kommunikation},
      booktitle = {Bachelor Thesis},
      year = {2015},
      month = {5},
      pdf = {Mahrl_Christoph_BIS.PDF},
      }
  • Philipp Reisinger, "Studie Informationssicherheit in Deutschland, Österreich und der Schweiz 2015," , 2015. BibTeX | PDF
    @THESIS{Reisinger2015Studie,
      Author = {Philipp Reisinger},
      title = {Studie Informationssicherheit in Deutschland, Österreich und der Schweiz 2015},
      booktitle = {Studie Informationssicherheit in Deutschland, Österreich und der Schweiz 2015},
      year = {2015},
      month = {0},
      pdf = {https://www.fhstp.ac.at/de/mediathek/pdfs/news/studie-informationssicherheit.pdf/@@download/file/Studie Informationssicherheit.pdf},
      }
  • Philipp Reisinger, "Studie zur Informationssicherheit in Österreich, 2013," , 2013. BibTeX | Slides
    @THESIS{Reisinger2013Studie,
      Author = {Philipp Reisinger},
      title = {Studie zur Informationssicherheit in Österreich, 2013},
      booktitle = {Studie zur Informationssicherheit in Österreich, 2013},
      year = {2013},
      month = {0},
      link_slides = {http://itsecx.fhstp.ac.at/wp-content/uploads/2013/11/ITSECX_IS_Studie.pdf},
      }
  • Markus Huber, "Automated Social Engineering, Proof of Concept," , 2009. BibTeX
    @THESIS{MHuber_ASEthesis09,
      Author = {Markus Huber},
      title = {Automated Social Engineering, Proof of Concept},
      booktitle = {Master Thesis},
      year = {2009},
      month = {3},
      }
  • Stefan Fenz, "Ontology- and Bayesian-based information security risk management," , 2008. BibTeX
    @THESIS{Fenz_OntologyandBayesianbased_2008,
      Author = {Stefan Fenz},
      title = {Ontology- and Bayesian-based information security risk management},
      booktitle = {Diss},
      year = {2008},
      month = {10},
      }
  • Thomas Neubauer, "Business Process Based Valuation and Selection of IT Investments, Development and Implementation of a Method for the Interactive Selection of IT Investments under Multiple Objectives," , 2007. BibTeX
    @THESIS{Neubauer_BusinessProcessBased_2007,
      Author = {Thomas Neubauer},
      title = {Business Process Based Valuation and Selection of IT Investments, Development and Implementation of a Method for the Interactive Selection of IT Investments under Multiple Objectives},
      booktitle = {Dissertation},
      year = {2007},
      month = {10},
      }

By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close