TY - CONF AU - Röse, Markus AU - Kablo, Emiram AU - Arias Cabarcos, Patricia ID - 48060 T2 - Proceedings of the 2023 European Symposium on Usable Security TI - Overcoming Theory: Designing Brainwave Authentication for the Real World ER - TY - CONF AU - Kablo, Emiram AU - Arias Cabarcos, Patricia ID - 49373 T2 - Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security TI - Privacy in the Age of Neurotechnology: Investigating Public Attitudes towards Brain Data Collection and Use ER - TY - CONF AU - Fallahi, Matin AU - Arias Cabarcos, Patricia AU - Strufe, Thorsten ID - 49641 T2 - Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security TI - Poster: Towards Practical Brainwave-based User Authentication ER - TY - CONF AB - The security of Industrial Control Systems is relevant both for reliable production system operations and for high-quality throughput in terms of manufactured products. Security measures are designed, operated and maintained by different roles along product and production system lifecycles. Defense-in-Depth as a paradigm builds upon the assumption that breaches are unavoidable. The paper at hand provides an analysis of roles, corresponding Human Factors and their relevance for data theft and sabotage attacks. The resulting taxonomy is reflected by an example related to Additive Manufacturing. The results assist in both designing and redesigning Industrial Control System as part of an entire production system so that Defense-in-Depth with regard to Human Factors is built in by design. AU - Pottebaum, Jens AU - Rossel, Jost AU - Somorovsky, Juraj AU - Acar, Yasemin AU - Fahr, René AU - Arias Cabarcos, Patricia AU - Bodden, Eric AU - Gräßler, Iris ID - 46500 KW - Defense-in-Depth KW - Human Factors KW - Production Engineering KW - Product Design KW - Systems Engineering T2 - 2023 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW) TI - Re-Envisioning Industrial Control Systems Security by Considering Human Factors as a Core Element of Defense-in-Depth ER - TY - GEN AB - Data collection and aggregation by online services happens to an extent that is often beyond awareness and comprehension of its users. Transparency tools become crucial to inform people, though it is unclear how well they work. To investigate this matter, we conducted a user study focusing on Facebook, which has recently released the "Off-Facebook Activity" transparency dashboard that informs about personal data collection from third parties. We exposed a group of n = 100 participants to the dashboard and surveyed their level of awareness and reactions to understand how transparency impacts users' privacy attitudes and intended behavior. Our participants were surprised about the massive amount of collected data, became significantly less comfortable with data collection, and more likely to take protective measures. Collaterally, we observed that current consent schemes are inadequate. Based on the survey findings, we make recommendations for more usable transparency and highlight the need to raise awareness about transparency tools and to provide easily actionable privacy controls. AU - Arias Cabarcos, Patricia AU - Khalili, Saina AU - Strufe, Thorsten ID - 34079 T2 - arXiv:2209.08048 TI - 'Surprised, Shocked, Worried': User Reactions to Facebook Data Collection from Third Parties ER - TY - JOUR AU - Hanisch, Simon AU - Arias Cabarcos, Patricia AU - Parra-Arnau, Javier AU - Strufe, Thorsten ID - 28463 JF - CoRR TI - Privacy-Protecting Techniques for Behavioral Data: A Survey VL - abs/2109.04120 ER - TY - CONF AU - Arias Cabarcos, Patricia AU - Habrich, Thilo AU - Becker, Karen AU - Becker, Christian AU - Strufe, Thorsten ED - Bailey, Michael ED - Greenstadt, Rachel ID - 28462 T2 - 30th {USENIX} Security Symposium, {USENIX} Security 2021, August 11-13, 2021 TI - Inexpensive Brainwave Authentication: New Techniques and Insights on User Acceptance ER - TY - JOUR AU - Aguilar'Igartua, Mónica AU - Almenárez-Mendoza, Florina AU - P. Díaz Redondo, Rebeca AU - I. Martín'Vicente, Manuela AU - Forné, Jordi AU - Campo, Celeste AU - Fernández Vilas, Ana AU - J. de la Cruz Llopis, Luis AU - García-Rubio, Carlos AU - Marín-López, Andrés AU - Mohamad Mezher, Ahmad AU - Díaz Sánchez, Daniel AU - Cerezo-Costas, Héctor AU - Rebollo-Monedero, David AU - Arias Cabarcos, Patricia AU - Rico-Novella, Francisco ID - 28464 JF - {IEEE} Access TI - INRISCO: INcident monitoRing in Smart COmmunities VL - 8 ER - TY - CONF AU - Seiler-Hwang, Sunyoung AU - Arias Cabarcos, Patricia AU - Marín, Andr{\'{e}}s AU - Almenáres, Florina AU - Díaz Sánchez, Daniel AU - Becker, Christian ED - Cavallaro, Lorenzo ED - Kinder, Johannes ED - Wang, XiaoFeng ED - Katz, Jonathan ID - 28468 T2 - Proceedings of the 2019 {ACM} {SIGSAC} Conference on Computer and Communications Security, {CCS} 2019, London, UK, November 11-15, 2019 TI - "I don't see why I would ever want to use it": Analyzing the Usability of Popular Smartphone Password Managers ER - TY - CONF AU - Becker, Karen AU - Arias Cabarcos, Patricia AU - Habrich, Thilo AU - Becker, Christian ED - Cavallaro, Lorenzo ED - Kinder, Johannes ED - Wang, XiaoFeng ED - Katz, Jonathan ID - 28469 T2 - Proceedings of the 2019 {ACM} {SIGSAC} Conference on Computer and Communications Security, {CCS} 2019, London, UK, November 11-15, 2019 TI - Poster: Towards a Framework for Assessing Vulnerabilities of Brainwave Authentication Systems ER - TY - JOUR AU - Arias Cabarcos, Patricia AU - Krupitzer, Christian AU - Becker, Christian ID - 28466 IS - 4 JF - {ACM} Comput. Surv. TI - A Survey on Adaptive Authentication VL - 52 ER - TY - JOUR AU - Díaz Sánchez, Daniel AU - Marín López, Andrés AU - Almenárez Mendoza, Florina AU - Arias Cabarcos, Patricia AU - Simon Sherratt, R. ID - 28465 IS - 4 JF - {IEEE} Commun. Surv. Tutorials TI - TLS/PKI Challenges and Certificate Pinning Techniques for IoT and M2M Secure Communications VL - 21 ER - TY - JOUR AU - Díaz Sánchez, Daniel AU - Marín López, Andrés AU - Almenárez Mendoza, Florina AU - Arias Cabarcos, Patricia ID - 28467 IS - 15 JF - Sensors TI - DNS/DANE Collision-Based Distributed and Dynamic Authentication for Microservices in IoT VL - 19 ER - TY - CONF AU - Almenárez Mendoxa, Florina AU - Alonso, Lucía AU - Marín López, Andrés AU - Díaz Sánchez, Daniel AU - Arias Cabarcos, Patricia ED - Bravo, Jos{\'{e}} ED - Ba{\~{n}}os, Oresti ID - 28473 IS - 19 T2 - 12th International Conference on Ubiquitous Computing and Ambient Intelligence, UCAmI 2018, Punta Cana, Dominican Republic, December 4-7, 2018 TI - Assessment of Fitness Tracker Security: A Case of Study VL - 2 ER - TY - CONF AU - Arias Cabarcos, Patricia AU - Almenárez, Florina AU - Díaz Sánchez, Daniel AU - Marín, Andrés ED - A. Hallman, Roger ED - Li, Shujun ED - Chang, Victor ID - 28471 T2 - Proceedings of the 2nd International Workshop on Multimedia Privacy and Security, MPS@CCS 2018, Toronto, ON, Canada, October 15, 2018 TI - FRiCS: A Framework for Risk-driven Cloud Selection ER - TY - CONF AU - Díaz Sánchez, Daniel AU - Marín López, Andr{\'{e}}s AU - Almenárez Mendoza, Florina AU - Arias Cabarcos, Patricia ED - Bravo, Jos{\'{e}} ED - Baños, Oresti ID - 28472 IS - 19 T2 - 12th International Conference on Ubiquitous Computing and Ambient Intelligence, UCAmI 2018, Punta Cana, Dominican Republic, December 4-7, 2018 TI - DNS-Based Dynamic Authentication for Microservices in IoT VL - 2 ER - TY - CONF AU - Arias Cabarcos, Patricia AU - Krupitzer, Christian ID - 28476 T2 - Thirteenth Symposium on Usable Privacy and Security, {SOUPS} 2017, Santa Clara, CA, USA, July 12-14, 2017 TI - On the Design of Distributed Adaptive Authentication Systems ER - TY - JOUR AU - Sánchez-Guerrero, Rosa AU - Almenárez Mendoza, Florina AU - Díaz Sánchez, Daniel AU - Arias Cabarcos, Patricia AU - Marín López, Andr{\'{e}}s ID - 28475 IS - 6 JF - {IEEE} J. Biomed. Health Informatics TI - Collaborative eHealth Meets Security: Privacy-Enhancing Patient Profile Management VL - 21 ER - TY - JOUR AU - Rubio-Drosdov, Eugenio AU - Díaz Sánchez, Daniel AU - Almenárez-Mendoza, Florina AU - Arias Cabarcos, Patricia AU - Marín, Andrés ID - 28474 IS - 4 JF - {IEEE} Trans. Consumer Electron. TI - Seamless human-device interaction in the internet of things VL - 63 ER - TY - JOUR AU - Díaz Sánchez, Daniel AU - Simon Sherratt, R. AU - Almenárez, Florina AU - Arias Cabarcos, Patricia AU - Marín, Andr{\'{e}}s ID - 28479 IS - 4 JF - {IEEE} Trans. Consumer Electron. TI - Secure store and forward proxy for dynamic IoT applications over M2M networks VL - 62 ER -