@inproceedings{47305, author = {{Amft, Sabrina and Höltervennhoff, Sandra and Huaman, Nicolas and Acar, Yasemin and Fahl, Sascha}}, booktitle = {{Nineteenth Symposium on Usable Privacy and Security, SOUPS 2023, Anaheim, CA, USA, August 5-7, 2023}}, editor = {{Kelley, Patrick Gage and Kapadia, Apu}}, pages = {{171–190}}, publisher = {{USENIX Association}}, title = {{{"Would You Give the Same Priority to the Bank and a Game? I Do Not!" Exploring Credential Management Strategies and Obstacles during Password Manager Setup}}}, year = {{2023}}, } @inproceedings{47301, author = {{Höltervennhoff, Sandra and Klostermeyer, Philip and Wöhler, Noah and Acar, Yasemin and Fahl, Sascha}}, booktitle = {{32nd USENIX Security Symposium, USENIX Security 2023, Anaheim, CA, USA, August 9-11, 2023}}, editor = {{Calandrino, Joseph A. and Troncoso, Carmela}}, publisher = {{USENIX Association}}, title = {{{"I wouldn’t want my unsafe code to run my pacemaker": An Interview Study on the Use, Comprehension, and Perceived Risks of Unsafe Rust}}}, year = {{2023}}, } @inproceedings{47298, author = {{Mink, Jaron and Kaur, Harjot and Schmüser, Juliane and Fahl, Sascha and Acar, Yasemin}}, booktitle = {{32nd USENIX Security Symposium, USENIX Security 2023, Anaheim, CA, USA, August 9-11, 2023}}, editor = {{Calandrino, Joseph A. and Troncoso, Carmela}}, publisher = {{USENIX Association}}, title = {{{"Security is not my field, I’m a stats guy": A Qualitative Root Cause Analysis of Barriers to Adversarial Machine Learning Defenses in Industry}}}, year = {{2023}}, } @inproceedings{47842, author = {{Fourné, Marcel and Wermke, Dominik and Enck, William and Fahl, Sascha and Acar, Yasemin}}, booktitle = {{2023 IEEE Symposium on Security and Privacy (SP)}}, publisher = {{IEEE}}, title = {{{It’s like flossing your teeth: On the Importance and Challenges of Reproducible Builds for Software Supply Chain Security}}}, doi = {{10.1109/sp46215.2023.10179320}}, year = {{2023}}, } @article{47295, author = {{Amft, Sabrina and Höltervennhoff, Sandra and Huaman, Nicolas and Krause, Alexander and Simko, Lucy and Acar, Yasemin and Fahl, Sascha}}, journal = {{CoRR}}, title = {{{Lost and not Found: An Investigation of Recovery Methods for Multi-Factor Authentication}}}, doi = {{10.48550/arXiv.2306.09708}}, volume = {{abs/2306.09708}}, year = {{2023}}, } @article{47294, author = {{Tran, Mindy and Acar, Yasemin and Cucker, Michel and Enck, William and Kapravelos, Alexandros and Kästner, Christian and Williams, Laurie A.}}, journal = {{CoRR}}, title = {{{S3C2 Summit 2202-09: Industry Secure Suppy Chain Summit}}}, doi = {{10.48550/arXiv.2307.15642}}, volume = {{abs/2307.15642}}, year = {{2023}}, } @article{47293, author = {{Dunlap, Trevor and Acar, Yasemin and Cucker, Michel and Enck, William and Kapravelos, Alexandros and Kästner, Christian and Williams, Laurie A.}}, journal = {{CoRR}}, title = {{{S3C2 Summit 2023-02: Industry Secure Supply Chain Summit}}}, doi = {{10.48550/arXiv.2307.16557}}, volume = {{abs/2307.16557}}, year = {{2023}}, } @article{47292, author = {{Enck, William and Acar, Yasemin and Cukier, Michel and Kapravelos, Alexandros and Kästner, Christian and Williams, Laurie A.}}, journal = {{CoRR}}, title = {{{S3C2 Summit 2023-06: Government Secure Supply Chain Summit}}}, doi = {{10.48550/arXiv.2308.06850}}, volume = {{abs/2308.06850}}, year = {{2023}}, } @inproceedings{47300, author = {{Kohno, Tadayoshi and Acar, Yasemin and Loh, Wulf}}, booktitle = {{32nd USENIX Security Symposium, USENIX Security 2023, Anaheim, CA, USA, August 9-11, 2023}}, editor = {{Calandrino, Joseph A. and Troncoso, Carmela}}, publisher = {{USENIX Association}}, title = {{{Ethical Frameworks and Computer Security Trolley Problems: Foundations for Conversations}}}, year = {{2023}}, } @inproceedings{47312, author = {{Neil, Lorenzo and Sri Ramulu, Harshini and Acar, Yasemin and Reaves, Bradley}}, booktitle = {{Nineteenth Symposium on Usable Privacy and Security, SOUPS 2023, Anaheim, CA, USA, August 5-7, 2023}}, pages = {{283–299}}, publisher = {{USENIX Association}}, title = {{{Who Comes Up with this Stuff? Interviewing Authors to Understand How They Produce Security Advice}}}, year = {{2023}}, } @article{47291, author = {{Klemmer, Jan H. and Gutfleisch, Marco and Stransky, Christian and Acar, Yasemin and Sasse, M. Angela and Fahl, Sascha}}, journal = {{CoRR}}, title = {{{"Make Them Change it Every Week!": A Qualitative Exploration of Online Developer Advice on Usable and Secure Authentication}}}, doi = {{10.48550/arXiv.2309.00744}}, volume = {{abs/2309.00744}}, year = {{2023}}, } @inproceedings{53362, author = {{Amft, Sabrina and Höltervennhoff, Sandra and Huaman, Nicolas and Krause, Alexander and Simko, Lucy and Acar, Yasemin and Fahl, Sascha}}, booktitle = {{Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security, CCS 2023, Copenhagen, Denmark, November 26-30, 2023}}, editor = {{Meng, Weizhi and Jensen, Christian Damsgaard and Cremers, Cas and Kirda, Engin}}, pages = {{3138–3152}}, publisher = {{ACM}}, title = {{{"We’ve Disabled MFA for You": An Evaluation of the Security and Usability of Multi-Factor Authentication Recovery Deployments}}}, doi = {{10.1145/3576915.3623180}}, year = {{2023}}, } @inproceedings{49438, author = {{Krüger, Stefan and Reif, Michael and Wickert, Anna-Katharina and Nadi, Sarah and Ali, Karim and Bodden, Eric and Acar, Yasemin and Mezini, Mira and Fahl, Sascha}}, booktitle = {{2023 IEEE Secure Development Conference (SecDev)}}, publisher = {{IEEE}}, title = {{{Securing Your Crypto-API Usage Through Tool Support - A Usability Study}}}, doi = {{10.1109/secdev56634.2023.00015}}, year = {{2023}}, } @article{53368, author = {{Fourné, Marcel and Wermke, Dominik and Fahl, Sascha and Acar, Yasemin}}, journal = {{IEEE Security & Privacy}}, number = {{6}}, pages = {{59–63}}, publisher = {{IEEE}}, title = {{{A Viewpoint on Human Factors in Software Supply Chain Security: A Research Agenda}}}, volume = {{21}}, year = {{2023}}, } @inproceedings{53366, author = {{Tran, Mindy and Munyendo, Collins W and Sri Ramulu, Harshini and Rodriguez, Rachel Gonzalez and Schnell, Luisa Ball and Sula, Cora and Simko, Lucy and Acar, Yasemin}}, booktitle = {{2024 IEEE Symposium on Security and Privacy (SP)}}, pages = {{4–4}}, title = {{{Security, Privacy, and Data-sharing Trade-offs When Moving to the United States: Insights from a Qualitative Study}}}, year = {{2023}}, } @article{53348, author = {{Fourné, Marcel and Wermke, Dominik and Fahl, Sascha and Acar, Yasemin}}, journal = {{IEEE Secur. Priv.}}, number = {{6}}, pages = {{59–63}}, title = {{{A Viewpoint on Human Factors in Software Supply Chain Security: A Research Agenda}}}, doi = {{10.1109/MSEC.2023.3316569}}, volume = {{21}}, year = {{2023}}, } @article{53352, author = {{Simko, Lucy and Sri Ramulu, Harshini and Kohno, Tadayoshi and Acar, Yasemin}}, journal = {{Proc. ACM Hum. Comput. Interact.}}, number = {{CSCW2}}, pages = {{1–54}}, title = {{{The Use and Non-Use of Technology During Hurricanes}}}, doi = {{10.1145/3610215}}, volume = {{7}}, year = {{2023}}, } @article{48589, author = {{Fuchs, Christian}}, journal = {{Critical Sociology}}, number = {{4-5}}, pages = {{727--745}}, title = {{{Ibn Khaldûn and the Political Economy of Communication in the Age of Digital Capitalism}}}, doi = {{10.1177/08969205231206488 }}, volume = {{50}}, year = {{2023}}, } @article{48590, author = {{Fuchs, Christian}}, journal = {{Critical Sociology}}, number = {{4-5}}, pages = {{757--765}}, title = {{{Ibn Khaldûn and the Political Economy of Communication: A Reply to Graham Murdock}}}, doi = {{10.1177/08969205231201382}}, volume = {{50}}, year = {{2023}}, } @article{46310, abstract = {{Classic automated algorithm selection (AS) for (combinatorial) optimization problems heavily relies on so-called instance features, i.e., numerical characteristics of the problem at hand ideally extracted with computationally low-demanding routines. For the traveling salesperson problem (TSP) a plethora of features have been suggested. Most of these features are, if at all, only normalized imprecisely raising the issue of feature values being strongly affected by the instance size. Such artifacts may have detrimental effects on algorithm selection models. We propose a normalization for two feature groups which stood out in multiple AS studies on the TSP: (a) features based on a minimum spanning tree (MST) and (b) nearest neighbor relationships of the input instance. To this end we theoretically derive minimum and maximum values for properties of MSTs and k-nearest neighbor graphs (NNG) of Euclidean graphs. We analyze the differences in feature space between normalized versions of these features and their unnormalized counterparts. Our empirical investigations on various TSP benchmark sets point out that the feature scaling succeeds in eliminating the effect of the instance size. A proof-of-concept AS-study shows promising results: models trained with normalized features tend to outperform those trained with the respective vanilla features.}}, author = {{Heins, Jonathan and Bossek, Jakob and Pohl, Janina and Seiler, Moritz and Trautmann, Heike and Kerschke, Pascal}}, issn = {{0304-3975}}, journal = {{Theoretical Computer Science}}, keywords = {{Feature normalization, Algorithm selection, Traveling salesperson problem}}, pages = {{123--145}}, title = {{{A study on the effects of normalized TSP features for automated algorithm selection}}}, doi = {{https://doi.org/10.1016/j.tcs.2022.10.019}}, volume = {{940}}, year = {{2023}}, }