Home | deutsch  | Legals | Data Protection | Sitemap | KIT
Contact

KIT Campus Süd
Kollegiengebäude am Kronenplatz (Bld. 05.20)
Kaiserstr. 89
76133 Karlsruhe

   

Newsletter subscription
YouTube subscription

SECUSO Events
Tuesday, 01 Oct 2019
E-Vote-ID 2019
Sunday, 03 Nov 2019
Dagstuhl Seminar: Biggest Failures in Security

Further Events ...
Externe Veranstaltungen
Monday, 23 Sep 2019
ESORICS 2019
Thursday, 26 Sep 2019
STAST2019 SPOSE 2019

Further Events ...

KASTEL

Karlsruher IT-Sicherheitsinitiative

News
dialog@bw - Citizens' Forum on 11.9.2019 at the ZKM (09-09-2019)

To kick off the digilog@bw research project funded by the state of Baden-Württemberg, all citizens are invited to submit their questions during this event and thus help to shape the project. In addition to SECUSO, other experts from KIT but also from the University of Mannheim and the University of Tübingen will be represented. A panel discussion will give an insight into the project. Subsequently, questions and suggestions can be addressed to the experts in smaller rounds.
https://digilog-bw.de/events/dialogbw-buergerinnenforum-im-rahmen-des-forschungsprojekts-digilogbw

Paper at E-Vote-ID accepted (10-09-2019)

The paper "GI Elections with POLYAS: A Road to End-to-End Verifiable Elections" was accepted at E-Vote ID 2019. Apart from Melanie Volkamer, other KASTEL PIs (Prof. Beckert and Prof. Müller-Quade) as well as KASTEL PhD students are authors of the paper. The paper describes the activities of the GI Online Elections Working Group. More information will also be published in the next GI Radar.
https://www.e-vote-id.org/

SECUSO article in SCC news 2019 (27-08-2019)

During the international Safer Internet Day in February 2019 SECUSO participated in a KIT wide action to raise awareness for fradulent messages. The SCC news published an article to emphasize the success of this day. A lot of positive feedback is the reason for KIT to plan (and SECUSO to support) a second information event in the Cyber Security Month in autumn 2019.
https://www.scc.kit.edu/downloads/oko/SCCnews_01_2019_web.pdf

Melanie Volkamer in the program comittee of SAC 2020 (28-08-2019)

From the 30.03. to the 03.04.2020 takes the Symposium „Computer Security track“ in Brno (Czech Republic) place. Until the 15th of september 2019 papers can be submitted. Prof. Melanie Volkamer will be part oft he program comittee. For more information please follow this link.

Melanie Volkamers interview of the „Computerwoche“ (26-08-2019)

KASTEL-Professor Melanie Volkamer was interviewed for the article „What is Usable Security“ that was published on the 7th of august 2019 on the online platform of the „Computerwoche“. The article is about the human being as the weakest link of the security chain, because he makes mistakes. The question is, what does a user have to know to be secure online and does he have to be involved in the security process. Especially in the last point, Prof. Volkamer advises to pronounce certain design recommendations for developers, which should help the user to recognise the security easier.
https://www.computerwoche.de/a/amp/was-ist-usable-security,3547465

Presentation of our security awareness and education measures at the networking day for knowledge mediators of the BSI (23-08-2019)

On September 9th SECUSO in Berlin presents the security awareness and education materials developed and evaluated in the past (including flyers, cards and posters) in the 'market of possibilities' located in Berlin security awareness and education.
https://www.denkwerkstatt-cybersicherheit.de/vernetzungstag/

Third Security and Privacy Lunch is on the way (16-08-2019)

The next Security and Privacy Lunch at Café Gold is coming up. We would be delighted if we could once again welcome numerous researchers from a wide variety of organizations from Karlsruhe. The next lunch will take place on 20.08. at 13 o'clock. Also for "spontaneous" visits we ask for feedback to Rebekka Golling  so that we can reserve a sufficiently large table.

SECUSO participate at the 29th Cyber Security Day "Networks Protect Networks". (16-08-2019)

Our research group will be on-site at the 29th Cyber Security Day in Berlin on 26.09. We will be present with a booth and present our materials on Security Awareness and Education. In particular, the focus will be on the detection of phishing and other fraudulent messages. Besides, we will give an overview of the implementation of user studies and evaluation of our materials.
https://www.allianz-fuer-cybersicherheit.de/ACS/DE/Angebote/CST/post/CS-Tag29/cst29.html

SECUSO cooperates with Stadtwerke Ettlingen (14-08-2019)

Within the framework of the KASTEL project, the research group cooperates with Stadtwerke Ettlingen. The cooperation aims to analyze the process of IT security mediation of the municipal utilities. Based on the experiences of the research group and the current state analysis, proposals will be developed to help disseminate the current IT security information and measures with defined processes within the company. This improvement will then be evaluated in a study.
https://www.sw-ettlingen.de/
https://www.kastel.kit.edu/

„Society in the Digital Change – Digitalitisation in Dialogue“ (22-07-2019)

The research Group SECUSO represents KASTEL in the project „Digitalisation in Dialogue“ (Digilog). Digitalisation influences humans in many ways. Many questions are asked, e.g. how does Digitalisation influences our personal life and what risks and chances occur. To assure a positive transformation in future the main topics of digitalisation – „autonomy, knowledge and participation“ are discussed by various research institutions in Baden-Württemberg in order to provide scientifically grounded orientation knowledge.
https://mwk.baden-wuerttemberg.de/de/service/presse/pressemitteilung/pid/land-foerdert-zwei-vorhaben-zur-erforschung-der-gesellschaft-im-digitalen-wandel/​​​​​​​

Second Security and Privacy Lunch (17-07-2019)

Also the second "Monthly Security and Privacy Lunch" in the restaurant Gold was well attended. Once again, 20 researchers from various organisations and research groups were on site to discuss current topics. We are happy that the response has been so great and that new people are constantly joining us. The next lunch will take place on 20.08. We ask for feedback to Rebekka Golling until 13.08, so that we can reserve a sufficiently large table. 

Conference SICHERHEIT 2020 in Göttingen organizes Doctoral Forum (14-07-2019)

The conference SICHERHEIT 2020 takes place from the 17th to the 20th March 2020 in Göttingen. Melanie Volkamer is part of the programm committee. SICHERHEIT is a biennial conference. PhD candidates are invited to submit extended abstracts on their research related to any aspects of safety and security of IT systems until the 1st October 2019. More Informations can be found: 
https://www.uni-goettingen.de/en/doktorandenforum+/603166.html

SECUSO now sits in the hallway of 5.20-3A (01-07-2019)

So the move is almost complete and SECUSO has now moved into its new offices. From now on you can find our new offices in building 5.20-3A. There are some boxes and little things left. But soon we got completely used to the new premises and are looking forward to designing the hallway according to our ideas.

Guest lecture risk communication (28-06-2019)

We had the opportunity  to give a guest lecture on the 17.06. for the students of Zinaida Benenson at the Friedrich-Alexander-University of Erlangen-Nürnberg. Lukas Aldag gave a Lecture about risk communication. If you are interested take a look at the slides (unfortunately the slides are only available in German).

Next Security and Privacy Lunch (25-06-2019)

The first "Monthly Security and Privacy Lunch" at Restaurant Gold was a success with 20 researchers from KIT, FZI, Frauenhofer IOSB and Frauenhofer ISI. We hope all participants had as much fun as we did. We would be happy if we could welcome as many people to the next meeting on 16.07.2019. Please contact Rebekka Golling (rebekka.golling@kit.edu) so that we can plan accordingly.

Peter Mayer has joined the program committee of WAY 2019 (18-06-2019)

Peter Mayer has joined this year's program committee of the "5th Who Are You?! Adventures in Authentication Workshop (WAY 2019)". The workshop will take place on August 11, 2019, in Santa Clara, CA, USA. The program is now available at: https://wayworkshop.org/2019/program.html

https://wayworkshop.org/
Poster accepted at SOUPS 2019 (18-06-2019)

The poster "On The Systematic Development and Evaluation Of Password Security Awareness-Raising Materials" by Peter Mayer, Christian Schwartz, and Melanie Volkamer has been accepted for presentation at SOUPS 2018. The conference will be held August 11–13, 2019 in Santa Clara (USA).

https://www.usenix.org/conference/soups2019
Melanie Volkamer comments scobels discussion on „Datenflut und Wissensschatz“(18-06-2019)

Scobels video on 3sat discusses the use of new information technologies and algorithms. Melanie Volkamer talks about the need to create more awareness to what happens with the collected data in the future.

https://www.3sat.de/wissen/scobel/datenflut-und-wissensschatz-100.html
SECUSO Research ends facebook presence on the 15th of June 2019 (18-06-2019)

SECUSO Research used facebook for about five years as a platform to present current news and research results on topics such as data protection and the sensitive issue of the security of information. For some time, there has been negative press about facebooks negligent handling of data. Encrypted data and passwords are very important, so/ that’s why „SECUSO“ wants to set a statement by ending facebook presence.

KASTEL professors in the issue "Hacked - How do we protect ourselves against cyberattacks?" (12-06-2019)

"The invisible army" is the title of the article in the last issue of "Perspektiven", published by the research magazine of the Helmholtz Association. KASTEL spokesman Prof. Jörn Müller-Quade and KASTEL professor Melanie Volkamer commented on the possibilities of hackers and attackers to obtain important information and what users can do against it. The article is about how the increasingly digitalized world is making it easier for attackers to gain access to information and take control. Furthermore, it is discussed how we can make online data safer and how increasing awareness can also protect private users.

https://www.helmholtz.de/fileadmin/user_upload/04_mediathek/perspektiven/epaper-Perspektiven_02_Mai2019_W/index.html#10
Nina Gerber has joined the program committee for the 5th Usable Security and Privacy Workshop at Mensch & Computer 2019 (23-05-2019)

Until June 7th contributions for the 5th Usable Security and Privacy Workshop at Mensch & Computer 2019 can still be submitted: https://das.th-koeln.de/workshops/usp-muc-2019/

As in previous years, the workshop offers a great opportunity to exchange ideas with researchers and practitioners on topics related to user-centered security and privacy.

https://das.th-koeln.de/workshops/usp-muc-2019/
Paper “Comparing "Challenge-Based" and "Code-Based" Internet Voting Verification Implementations” accepted (23-05-2019)

The paper “Comparing "Challenge-Based" and "Code-Based" Internet Voting Verification Implementations” by Oksana Kulyk, Jan Henzel, Karen Renaud and Melanie Volkamer has been accepted at the INTERACT 2019 conference which will take place on September 2.-6 in  Pathos, Cyprus.

http://interact2019.org/
Melanie Volkamer speaks at the symposium "Information Security" (23-05-2019)

On June 27, 2019, Melanie Volkamer will give a talk at the symposium "Information Security" of Sparkassenverband Baden-Württemberg about sensitization research and how to reach your colleagues (German title: "Sensibilisierungsforschung: Wie erreichen Sie die Kolleginnen und Kollegen?").

https://vp.spk-akademie.de/vp/action?securedGetRequest=l1z44NQcnR0Oe_mLK9S9zkN4cZ80eoz9SpI6NAvuRrc
WI, SPOSE, STAST PC membership (23-05-2019)

As program-committee-member, Melanie Volkamer will support a number of conferences and workshops: "Information Security and Privacy" Track at WI 2020, SPOSE (Security, Privacy, Organizations, and Systems Engineering) and STAST (Socio-Technical Aspects in SecuriTy)) ESORICS workshops as well as Sicherheit 2020.

https://spose-ws.github.io/
http://www.stast.uni.lu/
http://www.sicherheit2020.de/

https://fb-wi.gi.de/veranstaltung/15-internationale-tagung-wirtschaftsinformatik-wi2020/
SECUSO member Peter Mayer has joined the organizing committee of the 2019 Annual Computer Security Applications Conference (ACSAC). (22-05-2019)

ACSAC brings together cutting-edge researchers, with a broad cross-section of security professionals drawn from academia, industry, and government, gathered to present and discuss the latest security results and topics. With peer reviewed technical papers, invited talks, panels, national interest discussions, workshops, and professional development and training courses, ACSAC continues its core mission of investigating practical solutions for computer and network security technology. This year's 35th edition of the conference will be held from 9-13 December 2019 in San Juan, Puerto Rico, USA.

https://www.acsac.org/2019/cfp/papers/
Alireza Zarei is newest member of SECUSO research team (30-04-2019)

Alireza Zarei has graduated from University of Göttingen with a Master degree in Applied Computer Science. Since April 2019, he is part of the GHOST project to develop a user-friendly application to improve security and privacy in Smart Homes.

Link_more
Privacy Friendly Apps Family is growing (18-04-2019)

SECUSO has released two new privacy friendly apps and one update. The Privacy Friendly Apps are a group of Android apps that are optimized regarding privacy. The apps are developed by students who thus gain experience in the privacy-friendly development of mobile applications.

The new apps are:

Food Tracker makes it possible to track daily calorie consumption.

Sketching App lets you create and save simple sketches

The updated app is:

Finance Manager can be used to monitor and manage personal financials.

Privacy Friendly Apps
Paper accepted at EuroUSEC

The paper “Why Johnny Fails to Protect his Privacy” by Nina Gerber, Verena Zimmermann and Melanie Volkamer has been accepted at EuroUSEC 2019.

Link_more
Monika Müller attends Spring E-Voting PhD Seminar (05-04-2019)

Monika Müller studies industrial engineering and works for SECUSO. She is interested in the usability of electronic elections. She will use the colloquium to establish contacts with doctoral students from various European universities and to exchange information on current research topics.

https://evoting-phd.secuso.org/
BMWi appoints Melanie Volkamer to the steering committee of the "IT-Sicherheit in der Wirtschaft" initiative (04-04-2019)

The Federal Ministry of Economics and Energy (BMWi) has appointed Prof. Dr. Melanie Volkamer to the steering committee of the "IT-Sicherheit in der Wirtschaft" initiative. The committee met in Berlin on March 12, 2019 for its constituent meeting. The steering committee consists of IT security experts from business, science and administration. It consults the initiative, provides impetus and supports it in raising awareness and implementing IT security measures.

https://www.it-sicherheit-in-der-wirtschaft.de/ITS/Redaktion/DE/Pressemitteilungen/2019/2019-03-12-bmwi-beruft-it-sicherheitsexperten.html
Paper accepted for publication in the journal Information and Computer Security (18-03-2019)

The paper „Keep on Rating - On the Systematic Rating and Comparison of Authentication Schemes” by Verena Zimmermann, Nina Gerber, Peter Mayer, Marius Kleboth, Alexandra von Preuschen and  Konstantin Schmidt has been accepted for publication in the journal Information and Computer Security.

https://www.emeraldinsight.com/loi/ics
Article accepted for publication in the journal "Datenschutz und Datensicherheit" (18-03-2019)

The article "Sichere Instant Messaging Apps" by Jacqueline Brendel and Nina Gerber was accepted for publication in the journal "Datenschutz und Datensicherheit".

https://www.springerprofessional.de/datenschutz-und-datensicherheit-dud/7466274
Update for flyer "Betrügerische Nachrichten" (18-03-2019)

We've updated our "Fraudulent Messages" flyer and extended our infocard and a poster.

Now the Infocard and Poster also contain tips for detecting fraudulent attachments. The material currently is only available in German.

https://secuso.aifb.kit.edu/downloads/Flyer/KIT-Faltblatt-Betruegerische-Nachrichten-2.pdf
Talk at the GFFT Technology Race

Melanie Volkamer will report on current research at the GFFT Technology Race "Measurement and Increase of Security Awareness" at Lekkerland in Cologne on April 26th, 2019. The talk will present foundations of sensitisation research and current results from the SECUSO research group.

https://www.gfft-portal.de/veranstaltungen/?cid=my-calendar&format=list&month=4&yr=2019
Neuer Informationsflyer zum Thema Auswahl einer Anmeldeoption

Basierend auf wissenschaftlich evaluierten Informationsmaterialien haben wir einen neuen Informationsflyer entwickelt, der Sie dabei unterstützt, eine passende Anmeldeoption für Dienstleister auszuwählen, die sowohl eine Single-Sign-On, als auch eine manuelle Anmeldeoption anbieten.

Link_more
Oksana Kulyk starting as an assistant professor at the ITU Copenhagen (28-02-2019)

A SECUSO member Oksana Kulyk will start as an assistant professor at the IT University of Copenhagen on the 1st of March. She will continue to collaborate with SECUSO within the GHOST project.

https://www.itu.dk
Lukas Aldag new SECUSO team member (27-02-2019)

Lukas Aldag is the newest member of the research group SECUSO at the Karlsruhe Institute for Technology (KIT). After finishing the master in psychology – human factor engineering, he supports the group in the domain of fraudulent messages and how to detect them.

Paper accepted at SPW 2019 (26-02-2019)

The paper "Audio CAPTCHA with a few cocktails: it’s so noisy I cant hear you" by Benjamin Maximilian Reinheimer, Fairooz Islam and Ilia Shumailov was accepted for publication at the International Workshop on Security Protocols (SPW). The conference will be held April 10-12th, 2019 in Cambridge (England).

https://www.cl.cam.ac.uk/events/spw/2019/
Paper accepted at PETS 2019 (19-02-2019)

The paper "Investigating People’s Privacy Risk Perception" by Nina Gerber, Benjamin Reinheimer and Melanie Volkamer was accepted for publication at the conference Privacy Enhancing Technologies Symposium (PETS). The conference will be held July 16-20th, 2019 in Stockholm (Sweden).

https://petsymposium.org
Information flyer on PIN management now available in English (18-02-2019)

Our information flyer on PIN management helps users to remember personal identification numbers (PINs) they received (e.g. from banks) by offering memorisation strategies. We have translated this flyer to English, thereby expanding our portfolio of English information flyers. The flyer can be downloaded from our website.

https://secuso.aifb.kit.edu/downloads/Flyer/KIT-Faltblatt_PIN-Management_25.01.2019.pdf
Action day at Safer Internet Day in cafeteria foyer at Campus Süd (05-02-2019)

Under the motto "Protect the IT-infrastructure of the KIT together" we developed new informaiton materials and awareness measures on the topic of cybersecurity together with other central facilities and research groups (SCC, KASTEL, AIFB, ZML). On the occasion of the Safer Internet Day, we present them to the public in the KIT cafeteria and make ourselves available for questions on the topic of cyber-security. 

https://www.scc.kit.edu/ueberuns/12695.php
Do not change your password despite "Change Your Password Day" (01-02-2019)

Despite „Change Your Password Day“, do not change your password for no reason! The security advantage of changing your passwords as a precation is rather small. A better opportunity to use the day would be to set up a password manager or to try out two-factor authentication for particularly sensitive user accounts. More detailed information on the topic of regular password change can be found here, and general information about the protection of user accounts can be found here (both links currently German language only). 

https://secuso.org/passwortsicherheit
Article published in the "DuD" Journal (31-01-2019)

The article "Diese Webseite verwendet Cookies: Wahrnehmungen und Reaktionen der Endnutzer auf Cookie-Meldungen" by Oksana Kulyk, Nina Gerber, Melanie Volkamer, Annika Hilt has been published in the February issue of the "DuD" journal.

https://www.springerprofessional.de/datenschutz-und-datensicherheit-dud/7466274
SECUSO informs about the risks during the Data Privacy Day (28-01-2019)

At todays Data Privacy Day we would like to inform about the different risks considering privacy. To do that we developed some flyer, tools or explanation videos. Visit the following site to get an overview of our recent results.

https://secuso.aifb.kit.edu/642.php
Paper accepted at the Usable Security NDSS Workshop (25-01-2019)

The paper “Does This App Respect My Privacy?  Design and Evaluation of Information Materials Supporting Privacy-Related Decisions of Smartphone Users” by Oksana Kulyk, Paul Gerber, Karola Marky, Christopher Beckmann and Melanie Volkamer has been accepted for publication at the Usable Security NDSS Workshop (USEC 2019), which takes place on 24. February in San Diego, CA.

https://www.ndss-symposium.org/ndss2019/cfp-usec-2019/
Henrik Mucha as new SECUSO researcher (23-01-2019)

Henrik Mucha is a new member of the SECUSO research group. Henrik has studied Industrial Design and Usability Engineering. He has worked for many years on the research questions of human-computer interaction in the context of assistant systems and their interaction design. As his research at SECUSO, Henrik will be working on the topic „Privacy through Interaction Design“.

https://secuso.aifb.kit.edu/Team.php
Article accepted to the journal "Datenschutz und Datensicherheit" (20-12-2018)

The article "Diese Webseite verwendet Cookies: Wahrnehmungen und Reaktionen der Endnutzer auf Cookie-Meldungen" by Oksana Kulyk, Nina Gerber, Melanie Volkamer, Annika Hilt was accepted for publication in the journal "Datenschutz und Datensicherheit".    

https://www.springerprofessional.de/datenschutz-und-datensicherheit-dud/7466274
Paper accepted at the ACM CHI Conference on Human Factors in Computing Systems (20-12-2018)

The paper “I (don't) see what you typed there! Shoulder-surfing resistant password entry on gamepads” by Peter Mayer, Nina Gerber, Benjamin Reinheimer, Philipp Rack, Kristoffer Braun and Melanie Volkamer has been conditionally accepted for publication at the ACM CHI Conference on Human Factors in Computing Systems, which will be held from 4th to 9th May 2019 in Glasgow, UK.

https://chi2019.acm.org/
SECUSO organises E-Vote-ID 2019 (19-12-2018)

Prof. Melanie Volkamer belongs to the organisers of the E-Vote-ID 2019. The E-Vote-ID conference takes place every year and is one of the leading conferences on the topic of electronic voting. The conference welcomes leading experts in the area of electronic voting from academic research, industry and politics to exchange ideas and discuss various aspects. The E-Vote-ID 2019 will take place on 1.-4. October in Bregenz, Austria.

Call for papers
Paper selected for presentation at the 16th German IT-Security Congress (13-12-2018)

The paper „Erklärvideo “Online-Betrug” – Nach nur fünf Minuten Phishing E-Mails nachweislich signifikant besser erkennen“ by Melanie Volkamer, Karen Renaud, Benjamin Reinheimer, Marco Ghiglieri, Nina Gerber, Peter Mayer, Philipp Rack and Alexandra Kunz was selected for presentation at the 16th German IT security congress, which is organized by the BSI.

https://www.bsi.bund.de/DE/Service/Aktuell/Veranstaltungen/IT-Sicherheitskongress/IT-Sicherheitskongress_node.html
DuD article published (30-11-2018)

The paper "Nutzerwahrnehmung der Ende-zu-Ende-Verschlüsselung in WhatsApp" by Nina Gerber, Verena Zimmermann, Birgit Henhapl, Sinem Emeröz, Melanie Volkamer and Tobias Hilt was published in the November issue of the DuD Journal.

https://www.springerprofessional.de/datenschutz-und-datensicherheit-dud/7466274
SECUSO employees at "Digitalisierung: Läuft!" (28-11-2018)

Our employees were at the start of the 3rd stage of "Digitalisation: Läuft!" in Karlsruhe on 16th November 2018. They represented both the KIT and KASTEL. On site was also Minister of Digitization Thomas Strobl, together with other employees of FZI, CyberForum and EnBW. The motto of the run was "security in the digital age". The stage led from the EnBW innovation campus to the newly launched "Cyberwehr des Landes am Forschungszentrum Informatik (FZI)". The aim of the event was the transfer of knowledge and a general exchange on the subject of digitisation. The new open innovation platform will also be launched within the framework of this event.

https://www.informatik.kit.edu/7009.php/event/35982
New awareness materials online: info card and poster on the topic of phishing (26-11-2018)

Already in the past we published different materials with explanations on how to identify phishing messages, which were usually evaluated in user studies. Now there are new materials available, in form of an pocket-sized info card with a short overview and in form of a poster for the office. The materials are currently only available in German language.

https://secuso.aifb.kit.edu/NoPhish.php
Phishing Workshop at the RFH IT Security & Forensic Days 2018, 8. and 9.11.2018 (31-10-2018)

The RFH Cologne organises the IT Security & Forensic Days for the second time. The aim is to increase the sensitivity for security in IT systems and to raise awareness of the primary topic. The event will include expert lectures, discussions and workshops on the topics of IT security, data protection and IT forensics. Benjamin Reinheimer will also hold a workshop on the subject of phishing and fraudulent messages. The audience, consisting of students, lecturers, alumni and experts from all sectors, will learn the essential rules for detecting phishing interactively and will be provided with support for its implementation in daily life.

https://www.rfh-koeln.de/aktuelles/termine/events_und_vortraege/index_ger.html?record_id=e18893&cur_id=e18893&site=rfh&ct=1540277547048
Three new Privacy-Friendly Apps published (29-10-2018)

Three new apps have been added to our group of Privacy-Friendly Apps. Among these apps are two new games. "2048" is a puzzle game, the goal of which is to reach the number 2048 by sliding the same numbers together. In our mobile version of a classic game "Minesweeper", one has to find all the mines on the playing field without triggering them. The third app “Finance Manager” can be used to monitor personal finances. As with the rest of privacy-friendly apps, the newly added apps are free and do not require any permissions that are not strictly necessary for their functionality. This means, that all of the three apps require no permissions. They furthermore contain no ads or user tracking mechanisms.

https://secuso.org/pfa
E-Vote-ID a success with over 100 participants (08-10-2018)

The International Joint Conference on Electronic Voting (E-Vote-ID) took place for the third time in Schloss Hofen in Bregenz, Austria. The conference hosted over 100 participants from five continents and provided a platform of talks and discussions among a variety of stakeholders, including academic researchers from different disciplines, practitioners and vendors. The pre-conference program included the PhD colloquium and demo session of voting systems.

https://www.e-vote-id.org
New information flyer on choosing iOS apps (08-10-2018)

Just in time for the European Cyber Security Month, we publish a new information flyer that helps you to choose privacy-friendlier apps for your iOS devices. This iOS-specific flyer is based on the flyer for Android devices, which has been evaluated in a user study, and is further developed based on the feedback of end users. The flyer is currently only available in German.

https://secuso.aifb.kit.edu/downloads/Flyer/KIT-Faltblatt-iOS-Apps.pdf
Paper accepted at the 2018 Annual Computer Security Applications Conference (26-09-2018)

The paper “On The Systematic Development and Evaluation Of Password Security Awareness-Raising Materials” by Peter Mayer, Christian Schwartz and Melanie Volkamer has been accepted for publication at the 2018 Annual Computer Security Applications Conference, which will be held December 3rd to 7th 2018 in San Juan, Puerto Rico, USA. The paper describes a process for the systematic development of awareness-raising materials, the application of that process for the creation of an awareness-raising material on the topic "protection of user accounts", as well as the evaluation of this material in three SMEs.

https://www.acsac.org
Benjamin Reinheimer presents at the DsiN MesseCampus@it-sa (26-09-2018)

Already in its 10th year, it-sa is organizing the DsiN MesseCampus@it-sa together with Deutschland sicher im Netz e.V..
The aim is to integrate young talents into the it-sa community and to present the IT security industry as an attractive, forward-looking industry for professional careers.
On the last day of the fair, we invite students from the higher semesters of IT security and related courses to visit the fair.
Benjamin Reinheimer will talk about his reasons for deciding to do research in IT security and his own experiences. Afterwards, the attendees can ask questions to the speakers in an open round.

https://www.it-sa.de/de/events/1/dsin-messecampusit-sa/689641
SECUSO at the European Cyber Security Month (25-09-2018)

The European Cyber Security Month is coordinated by the German Federal Office of Information Security (Bundesamt für Sicherheit in der Informationstechnik, BSI). SECUSO participates together with KASTEL and SCC with new flyers, video on how to identify and avoid online fraud and new Privacy-Friendly Apps.

https://secuso.org/buerger
Melanie Volkamer organises Dagstuhl Seminar (17-09-2018)

The Dagstuhl seminar on the topic of "Biggest Failures in Security" is organised together with Frederik Armknecht (Universität Mannheim, DE), Ingrid Verbauwhede (KU Leuven, BE) and Moti Yung (Columbia University, US). The seminar takes place on 3.-8. November 2019 in Schloss Dagstuhl.

https://www.dagstuhl.de/de/programm/kalender/semhp/?semnr=19451
New Privacy Friendly Health App (6-09-2018)

Our family of Privacy-Friendly Apps in Health category has grown. In addition to the existing apps (Pedometer, Interval Timer and Circuit Training, Pain Dairy), now there is also a Privacy Friendly Pausing Healthily App (available in Google Play Store and in F-Droid Store).The app has been developed in collaboration with a physiotherapist Eduardo Fontao. Just like the rest of our Privacy Friendly app, the Pausing Healthily only requests permissions that are necessary for its functionality (in this case, no permissions) and does not contain any tracking mechanisms, so that no (user) data is being collected. It is also free and yet does not show any ads. Privacy Friendly Pausing Healthily App makes it easier to structure your work by reminding you to take breaks during work. The app also offers many useful relaxation, mobilisation and stretching exercises that can be combined into individual programs.

https://secuso.org/pfa-aktive-pause
Paper accepted at the 3rd International Workshop on Ubiquitous Personal Assistance (28-08-2018)

The paper “Assistance in Daily Password Generation Tasks” by Karola Marky, Peter Mayer, Nina Gerber, and Verena Zimmermann has been accepted for publication at the 3rd International Workshop on Ubiquitous Personal Assistance (co-located with UbiComp 2018), which will take place on 8th October 2018 in Singapore. The paper describes the concept, implementation and evaluation of the Privacy Friendly Password Generator app, which can be downloaded in Google Play Store. The app aids users in generating and managing their passwords.

https://upa18.weebly.com
Paper accepted at the HICSS-52 conference (18-08-2018)

The paper "A Proxy Voting Scheme Ensuring Participation Privacy and Receipt-Freeness" by Oksana Kulyk and Melanie Volkamer has been accepted for publication at the 52. Hawaii International Conference on System Sciences (HICSS-52), which will take place on 8.-11. January in Grand Wailea, Maui. The conference is A-ranked according to CORE.

http://hicss.hawaii.edu
Benjamin Reinheimer is doing his summer internship at the International Computer Science Institut (ICSI) (15-08-2018)

The International Computer Science Institute (ICSI) is an independent, non-profit institute in the field of computer science (Computer Networking, Brain Networks, Usable Security and Privacy and Cybermanufacturing). The institute is located in Berkeley, CA, and has been affiliated with UC Berkeley since its foundation in 1988.
Benjamin Reinheimer is currently completing a 13-week internship at ICSI. He is a member of Nicholas Weaver's team in the "Networking and Security" working group.

https://www.icsi.berkeley.edu/icsi/groups/networking/members
"Privacy-friendly Cookie Settings" browser extension is available in Chrome Store (31-07-2018)

An extension for Google Chrome, “Privacy-friendly Cookie Settings”, designed to support the users in their cookie configuration, is available for download in Chrome Store. The extension aims to support the lay users by providing explanations for the available cookie settings, enables easier navigation through the settings via an assistant mode and supports fine-grained configuration with the possibility of website-specific settings.

https://secuso.org/privacy-friendly-cookie-settings
Paper accepted at the E-Vote-ID Conference (22-07-2018)

The paper "Usability is not Enough: Lessons Learned from 'Human Factors in Security' Research for Verifiability" by Oksana Kulyk und Melanie Volkamer has been accepted for publication at  the 3. International Joint Conference on Electronic Voting (E-Vote-ID 2018), which will take place on 2.-5. October in Bregenz, Austria.

https://www.e-vote-id.org/
Paper accepted at the Journal "Datenschutz und Datensicherheit" (20-07-2018)

The paper "Nutzerwahrnehmung der Ende-zu-Ende-Verschlüsselung in WhatsApp" by Nina Gerber, Verena Zimmermann, Birgit Henhapl, Sinem Emeröz, Tobias Hilt and Melanie Volkamer has been accepted for publication at the journal "Datenschutz und Datensicherheit".    

https://link.springer.com/journal/11623
Two papers accepted at International Symposium on Human Aspects of Information Security & Assurance 2018 (11-07-2018)

The two papers "Motivating Users To Consider Recommendations On Password Management Strategies" by Peter Mayer, Alexandra Kunz, and Melanie Volkamer as well "The Quest to Replace Passwords Revisited – Rating Authentication Schemes" by Verena Zimmermann, Nina Gerber, Marius Kleboth, Alexandra von Preuschen, Konstantin Schmidt, and Peter Mayer have been accepted for publication at International Symposium on Human Aspects of Information Security & Assurance (HAISA 2018), which will take place on 29.-31. October in Dundee, Scotland.

http://haisa.org
Paper accepted at 4. USP Workshop at MUC 2018 (11-07-2018)

The paper "Evaluation der Nutzbarkeit von PGP und S/MIME in Thunderbird" by Nina Gerber, Marco Ghiglieri and Birgit Henhapl was accepted at the 4th Usable Security and Privacy Workshop at the Mensch und Computer 2018, which will be held on September 2 in Dresden, Germany.

Link_more
Human Factors in Security & Privacys in IoT

We are co-guest editing a special issue on human factors in security and privacy in IoT for thei informatics journal. The submission deadline is November 30 2018.

Link_more
2 Workshop papers and 2 posters accepted at SOUPS 2018

Two papers were accepted for publication in workshops which are co-located with SOUPS: The paper "Home Sweet Home? Investigating users’ awareness ofsmart home privacy threats" by Nina Gerber, Benjamin Reinheimer and Melanie Volkamerwill be presented at the workshop An Interactive Workshop on the Human aspects ofSmarthome Security and Privacy (WSSP) and the paper “ACCESSv2: A Collaborative Authentication Research and Decision Support Platform" by Peter Mayer, Philip Stumpf, Thomas Weber and Melanie Volkamer will be presented at the workshop  Who Are You?! Adventures in Authentication 2018 (WAY 2018). Furthermore, the posters "‘This Website Uses Cookies‘: Users' Perceptions and Reactions to the Cookie Disclaimer“ by Oksana Kulyk, Annika Hilt, Nina Gerber and Melanie Volkamer and "Addressing Misconceptions About Password Security Effectively" by Peter Mayer and Melanie Volkamer have been accepted for presentation at SOUPS 2018.

Link_more
Paper accepted at SOUPS 2018

The paper "Replication Study: A Cross-Country Field Observation Study of Real World PIN Usage at ATMs and in Various Electronic Payment Scenarios" by Melanie Volkamer, Andreas Gutmann, Karen Renaud, Paul Gerber, and Peter Mayer was accepted for publication at the USENIX conference Symposium on Usable Privacy and Security (SOUPS), which represents the primary venue for research in usable privacy and usable security. The conference will be held August 12–14, 2018 in Baltimore (USA).

Link_more
Paper accepted at ARES 2018

The paper „Finally Johnny Can Encrypt. But Does This Make Him Feel More Secure?” by Nina Gerber, Verena Zimmermann, Birgit Henhapl, Sinem Emeröz and Melanie Volkamer was accepted at the 13th International Conference on Availability, Reliability and Security (ARES), which will be held from August 27 to August 30 at the University of Hamburg, Germany.

Link_more
Paper accepted at the TrustBus 2018 conference

The paper " Phishing Detection: Developing and Evaluating a Five Minutes Security Awareness Video" by Melanie Volkamer, Karen Renaud, Benjamin Maximilian Reinheimer, Philipp Rack, Marco Ghiglieri, Peter Mayer, Alexandra Kunz, Nina Gerber has been accepted at the TrustBus 2018 (15th International Conference on Trust, Privacy and Security in Digital Business).

Link_more
Melanie Volkamer referiert bei der Auftaktveranstaltung zur diesjährigen Wissenschaftsreihe EFFEKTE der Stadt Karlsruhe [German only]

Ein Jahr, zwölf Ausgaben Wissenschaftskommunikation, vier Veranstaltungsorte – ab dem 5. Juni 2018 ist die EFFEKTE-Reihe wieder mit einem abwechslungsreichen Programm der verschiedenen Karlsruher Wissenschaftseinrichtungen an einem Dienstag auf dem Gelände des Alten Schlachthofs zu Gast. Unter dem Motto "Karlsruhe 4.0" finden Sie hier das Programm und alle Themenabende des ersten Veranstaltungshalbjahres. Alle Veranstaltungen sind kostenfrei. Die Auftaktveranstaltung steht unter dem Motto "Digitalisierung: Risiken, Gefahren und Lösungen" und findet am 5. Juni von 19:30 bis 22:00 Uhr im Tollhaus statt. Welche Risiken das sind und wie die neuen Herausforderungen gemeistert werde können, darüber sprechen Dr. Dirk Achenbach vom FZI Forschungszentrum Informatik, Dr. Michael Friedewald vom Fraunhofer-Institut für System- und Innovationsforschung und Prof. Dr. Melanie Volkamer vom Karlsruher Institut für Technologie.

Link_more
Paper accepted at IEEE TrustCom 2018 conference

The paper "A Concept and Evaluation of Usable and Fine-Grained Privacy-Friendly Cookie Settings Interface" by Oksana Kulyk, Peter Mayer, Oliver Käfer and Melanie Volkamer was accepted at the 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications (IEEE TrustCom-18), which is A-ranked.

Link_more
Best paper award at SAC 2018

The paper „Helping John to Make Informed Decisions on Using Social Login“ by Farzaneh Karegar, Nina Gerber, Melanie Volkamer and Simone Fischer-Hübner won a best paper award in the theme „System Software and Security” at SAC 2018.

Link_more
21st International E-Voting Colloquium at KIT

On April 9th and 10th, Melanie Volkamer and Oksana Kulyk co-organised the 21st E-Voting Colloquium at Karlsruhe Institute of Technology together with the KASTEL professors Prof. Dr. Bernhard Beckert and Prof. Dr. Jörn Müller-Quade. 

Since 2006, the colloquium takes place in order to consider different aspects of E-Voting, such as legal hurdles, identity management, legal and technical aspects, costs and challenges of the verification of elections. In addition to presentations and discussions dedicated to the current state of research of the participating doctoral students, the highlight of this year's colloquium was the demo session of the voting machines from the SECUSO research group. The presented machines included the mechanical voting device 'System Darmstadt' and a NEDAP voting computer, both were used in the past for legally binding elections in Germany, yet are currently not allowed to be used for such elections anymore. Furthermore, the EasyVote system has been presented, which was developed within the SECUSO research group for elections that allow cumulative voting and panachage. 

Link_more
Paper accepted for EuroUSEC

The paper "This Website Uses Cookies: Users' Perceptions and Reactions to the Cookie Disclaimer" by Oksana Kulyk, Annika Hilt, Nina Gerber, Melanie Volkamer has been accepted at a European Symposium on Security and Privacy (EuroS&P) event, the 3rd European Workshop on Usable Security (EuroUSEC), which will be held at 23. April 2018 in London.

Link_more
Paper accepted for publication in the Computers & Security Journal

The paper „Explaining the Privacy Paradox - A systematic review of literature investigating privacy attitude and behavior” by Nina Gerber, Paul Gerber and Melanie Volkamer was accepted for publication in the Computers & Security Journal.

Link_more
Two articles have been published in the Datenschutz und Datensicherheit journal

The article “Analyse der Sicherheit und Erinnerbarkeit der DsiN-Passwortkarte“ by Peter Mayer, Alexandra Kunz and Melanie Volkamer, as well as the article “Effektiver Schutz vor betrügerischen Nachrichten“ by Stephan Neumann, Benjamin Reinheimer, Melanie Volkamer, Alexandra Kunz and Christian Schwartz were accepted for the journal DuD Datenschutz und Datensicherheit. In the same issue you can find an article from KASTEL colleagues Jürgen Beyerer, Jörn Müller-Quade und Ralf Reussner on the topic of “Karlsruher Thesen zur Digitalen Souveränität Europas”.

Link_more
Happy Easter! Online-Fraud-Video is now available in English (31-03-2018)

As a little Easter surprise, we are happy to announce that our educational Video "Online-Fraud - How to identify and avoid dangers" is now also available in English. The popular five-minute video on the topic how to identify and avoid dangers by identifying them through education, is a result of scientific evaluation of the effectiveness in regard to the recognition of fraudulent messages. 

Happy Easter and stay safe, the SECUSO-Research Group

Link_more
The family of Privacy Friendly Apps has grown (29-03-2018)

SECUSO just published five new Privacy Friendly Apps and two updates.The Privacy Friendly Apps are a group of Android apps that are optimized regarding privacy. All apps were developed within SECUSO's usable security and privacy lab by students. The lab aims to teach privacy-aware developed as well as app development.

The new apps are:
* Pain Diary: An app that facilitates recording pain related data like location and intensity of pain.
* Boardgame Clock: An app that supports the time management of boardgames.
* Checkers: A boardgame for one or two players.
* Circuit Training: An app that supports the user in circuit training via time tracking and exercise display.
* WiFi Manager: Automatic switching on an off of the device's WiFi depending on the user's location.

The updated apps are:
* Net Monitor: Monitoring the network traffic of installed apps without permissions.
* Todo-Liste: Managing of todo tasks.

Link_more
SECUSO researcher organizes E-VOTE-ID 2018 (13-03-2018)

Prof. Melanie Volkamer, Professor at the SECUSO research group at Karlsruhe Institute of Technology and Technische Universität Darmstadt is co-organizing the International Conference for Electronic Voting (E-VOTE-ID) 2018.

This conference is one of the leading international events for e-voting experts from all over the world. E-VOTE-ID is an annual meeting formed by merging EVOTE and VoteID. The third joint conference will take place in October 2018.

One of its major objectives is to provide a forum for interdisciplinary and open discussion of all issues relating to electronic voting. Cumulatively, since 2004 more than 750 experts from 35+ countries in six continents have attended this conference to discuss electronic voting and related topics.

The aim of the conference is to bring together e-voting specialists working in academia, politics, government and industry in order to discuss various aspects of all forms of electronic voting (including, but not limited, to polling stations, kiosks, ballot scanners and remote voting by electronic means) in three conference tracks and a PhD colloquium.

The E-Vote-ID 2018 will be held in Bregenz, Austria, on October 2-5, 2018.

Link_more
Privacy Friendly Weather offers more security and enhanced usability (19-03-2018)

Our Privacy Friendly App "Weather" received a big update.

Due to the usage of HTTPs for forecast requests the app offers an enhanced security and privacy. Furthermore, Privacy Friendly Weather's userinterface was redesigned. Besides design improvements, the app now offers a better performance. Forecast data are loaded more efficiently and the app starts faster.

Three configurable widgets form a further highlight.

Link_more
SECUSO bei der ZKI Tagung in Konstanz (09-03-2018)

Im Rahmen der Tagung des Unterarbeitskreises "IT-Sicherheit" des Vereins der Zentren für Kommunikationsverarbeitung in Forschung und Lehre (ZKI e.V.) an der Universität Konstanz gibt Dr. Marco Ghiglieri am 14.03.2018 einen Vortrag zum Thema "Wie Sie sich mit effektiven Maßnahmen gegen Phishing und andere gefährliche Nachrichten schützen können".

Materialien zum Thema "Phishing und andere gefährliche Nachrichten" wurden u.a. innerhalb des vom Bundesministerium für Wirtschaft und Energie im Rahmen der Initiative IT-Sicherheit in der Wirtschaft geförderten Projekts KMU AWARE entwickelt.

SECUSO researcher organizes iPAT 2018 (05-03-2018)

SECUSO researcher Nina Gerber is co-organizing the 1st Interdisciplinary Workshop on Privacy and Trust (iPAT 2018).

The workshop is held in conjunction with the 13th International Conference on Availability, Reliability and Security (ARES 2018) in Hamburg, Germany, on August 27th. The aim of this workshop is to bring together researchers from different fields in order to support users in protecting their private data. An interdisciplinary approach is needed to develop privacy enhancing technologies that address not only technical aspect, but also aspects related to usability, psychology, economy, sociology, philosophy, and law. This interdisciplinary workshop thus seeks submissions from a wide range of disciplines (computer science, usability, law, economics, psychology, sociology, philosophy, ethics, …) that cover the various aspects of privacy and trust.

Submissions are due to May 4th.

Link_more
Safer Internet Day - SECUSO informiert, wie Sie sich vor Online-Betrug schützen können (06-02-2018)

Heute findet bereits zum 19. Mal der weltweite Safer Internet Day statt. Auch das AIFB und KASTEL beteiligen sich am Aktionstag: Anlässlich des diesjährigen Tags für mehr Internetsicherheit haben wir unseren NoPhish Flyer erweitert, um Ihnen aufzuzeigen, wie Sie sich vor Online-Betrug im Allgemeinen schützen können.

Viel Spaß beim Nicht-Betrogen werden.

Link zum Flyer

ACCESS now available to the public (02-02-2018)

ACCESS - Authentication ChoiCE Support System - is a platform that helps developers and decision makers to select appropriate authentication schemes for their application scenarios. It allows specifying the requirements needed for an authentication scheme to be suitable. Then, the platform compares the requirements with the entries of its knowledge base and lists the five most suitable authentication schemes. The knowledge base contains data about a variety of authentication schemes from the scientific literature. ACCESS enables usage of this data by non-experts.

Link_more
Paper accepted at CHI conference (31-01-2018)

The paper "What Did I Really Vote For? - On the Usability of Verifiable E-Voting Schemes" by Karola Marky, Oksana Kulyk, Karen Renaud and Melanie Volkamer was accepted at the Conference on Human Factors in Computing Systems (CHI 2018).

Link_more
Paper accepted at GI-Sicherheit 2018 (29-01-2018)

The paper "Comparative Usability Evaluation of Cast-as-Intended Verification Approaches in Internet Voting" by Karola Marky, Oksana Kulyk and Melanie Volkamer was accepted at "Sicherheit 2018.

Link_more
Research results from the SECUSO research group added to the iX Info-Hub for Security-Awareness-Ressources (26-01-2018)

Especially for small and medium-sized enterprises (SMEs) the provision of IT security awareness-raising and education measures is a problem. To support such SMEs, iX has launched the info hub for security awareness resources.

In the course of the project "KMU AWARE" of the German initiative "IT-Sicherheit in der Wirtschaft" of the Federal Ministry of Economics and Energy, numerous awareness-raising and education measures tailored to SMEs have been developed. These measures are now linked in the iX Info-Hub for Security Awareness Resources and therefore easily accessible to interested parties.

Link_more
SECUSO contributes to a textbook on 'Sicherheitskritische Mensch-Computer-Interaktion' (12-01-2018)

The book 'Sicherheitskritische Mensch-Computer-Interaktion' has been published by Springer. It contains the chapter 'Human Factors in Security' by Paul Gerber, Marco Ghiglieri, Birgit Henhapl, Oksana Kulyk, Karola Marky, Peter Mayer, Benjamin Reinheimer and Melanie Volkamer. Therein, the authors provide an introduction in the topic of human factors in security and present general solutions based on the Human-Centered Security by Design approach.

Link_more
Special issue on e-voting published (01-01-2018)

"Special issue on e-voting", Journal of Information Security (JISA) 2017 (editors: Budurushi, J., Neumann, S., Renaud, K., Volkamer, M.) is now available.

Link_more