75 Publications
2024 | Journal Article | LibreCat-ID: 47275
Herbert F, Becker S, Buckmann A, et al. Digital Security -- A Question of Perspective. A Large-Scale Telephone Survey with Four At-Risk User Groups. IEEE Symposium on Security and Privacy IEEE, New York, NY, USA. Published online 2024. doi:10.48550/arXiv.2212.12964
LibreCat
| DOI
2023 | Conference Paper | LibreCat-ID: 47304
Wermke D, Klemmer JH, Wöhler N, et al. “Always Contribute Back”: A Qualitative Study on Security Challenges of the Open Source Supply Chain. In: 44th IEEE Symposium on Security and Privacy, SP 2023, San Francisco, CA, USA, May 21-25, 2023. IEEE; 2023:1545–1560. doi:10.1109/SP46215.2023.10179378
LibreCat
| DOI
2023 | Conference Paper | LibreCat-ID: 47299
Krause A, Klemmer JH, Huaman N, Wermke D, Acar Y, Fahl S. Pushed by Accident: A Mixed-Methods Study on Strategies of Handling Secret Information in Source Code Repositories. In: Calandrino JA, Troncoso C, eds. 32nd USENIX Security Symposium, USENIX Security 2023, Anaheim, CA, USA, August 9-11, 2023. USENIX Association; 2023.
LibreCat
2023 | Conference Paper | LibreCat-ID: 47310
Fourné M, Wermke D, Enck W, Fahl S, Acar Y. It’s like flossing your teeth: On the Importance and Challenges of Reproducible Builds for Software Supply Chain Security. In: 44th IEEE Symposium on Security and Privacy, SP 2023, San Francisco, CA, USA, May 21-25, 2023. IEEE; 2023:1527–1544. doi:10.1109/SP46215.2023.10179320
LibreCat
| DOI
2023 | Conference Paper | LibreCat-ID: 47311
Munyendo CW, Acar Y, Aviv AJ. “In Eighty Percent of the Cases, I Select the Password for Them”: Security and Privacy Challenges, Advice, and Opportunities at Cybercafes in Kenya. In: 44th IEEE Symposium on Security and Privacy, SP 2023, San Francisco, CA, USA, May 21-25, 2023. IEEE; 2023:570–587. doi:10.1109/SP46215.2023.10179410
LibreCat
| DOI
2023 | Journal Article | LibreCat-ID: 47296
Kohno T, Acar Y, Loh W. Ethical Frameworks and Computer Security Trolley Problems: Foundations for Conversations. CoRR. 2023;abs/2302.14326. doi:10.48550/arXiv.2302.14326
LibreCat
| DOI
2023 | Conference Paper | LibreCat-ID: 47306
Herbert F, Becker S, Schaewitz L, et al. A World Full of Privacy and Security (Mis)conceptions? Findings of a Representative Survey in 12 Countries. In: Schmidt A, Väänänen K, Goyal T, et al., eds. Proceedings of the 2023 CHI Conference on Human Factors in Computing Systems, CHI 2023, Hamburg, Germany, April 23-28, 2023. ACM; 2023:582:1–582:23. doi:10.1145/3544548.3581410
LibreCat
| DOI
2023 | Conference Paper | LibreCat-ID: 47303
Keküllüoglu D, Acar Y. “We are a startup to the core”: A qualitative interview study on the security and privacy development practices in Turkish software startups. In: 44th IEEE Symposium on Security and Privacy, SP 2023, San Francisco, CA, USA, May 21-25, 2023. IEEE; 2023:2015–2031. doi:10.1109/SP46215.2023.10179339
LibreCat
| DOI
2023 | Journal Article | LibreCat-ID: 47307
Kaur M, Sri Ramulu H, Acar Y, Fiebig T. “Oh yes! over-preparing for meetings is my jam :)”: The Gendered Experiences of System Administrators. Proc ACM Hum Comput Interact. 2023;7(CSCW1):1–38. doi:10.1145/3579617
LibreCat
| DOI
2023 | Journal Article | LibreCat-ID: 47294
Tran M, Acar Y, Cucker M, et al. S3C2 Summit 2202-09: Industry Secure Suppy Chain Summit. CoRR. 2023;abs/2307.15642. doi:10.48550/arXiv.2307.15642
LibreCat
| DOI
2023 | Journal Article | LibreCat-ID: 47293
Dunlap T, Acar Y, Cucker M, et al. S3C2 Summit 2023-02: Industry Secure Supply Chain Summit. CoRR. 2023;abs/2307.16557. doi:10.48550/arXiv.2307.16557
LibreCat
| DOI
2023 | Journal Article | LibreCat-ID: 47292
Enck W, Acar Y, Cukier M, Kapravelos A, Kästner C, Williams LA. S3C2 Summit 2023-06: Government Secure Supply Chain Summit. CoRR. 2023;abs/2308.06850. doi:10.48550/arXiv.2308.06850
LibreCat
| DOI
2023 | Conference Paper | LibreCat-ID: 47298
Mink J, Kaur H, Schmüser J, Fahl S, Acar Y. “Security is not my field, I’m a stats guy”: A Qualitative Root Cause Analysis of Barriers to Adversarial Machine Learning Defenses in Industry. In: Calandrino JA, Troncoso C, eds. 32nd USENIX Security Symposium, USENIX Security 2023, Anaheim, CA, USA, August 9-11, 2023. USENIX Association; 2023.
LibreCat
2023 | Journal Article | LibreCat-ID: 47295
Amft S, Höltervennhoff S, Huaman N, et al. Lost and not Found: An Investigation of Recovery Methods for Multi-Factor Authentication. CoRR. 2023;abs/2306.09708. doi:10.48550/arXiv.2306.09708
LibreCat
| DOI
2023 | Conference Paper | LibreCat-ID: 47305
Amft S, Höltervennhoff S, Huaman N, Acar Y, Fahl S. “Would You Give the Same Priority to the Bank and a Game? I Do Not!” Exploring Credential Management Strategies and Obstacles during Password Manager Setup. In: Kelley PG, Kapadia A, eds. Nineteenth Symposium on Usable Privacy and Security, SOUPS 2023, Anaheim, CA, USA, August 5-7, 2023. USENIX Association; 2023:171–190.
LibreCat
2023 | Conference Paper | LibreCat-ID: 47301
Höltervennhoff S, Klostermeyer P, Wöhler N, Acar Y, Fahl S. “I wouldn’t want my unsafe code to run my pacemaker”: An Interview Study on the Use, Comprehension, and Perceived Risks of Unsafe Rust. In: Calandrino JA, Troncoso C, eds. 32nd USENIX Security Symposium, USENIX Security 2023, Anaheim, CA, USA, August 9-11, 2023. USENIX Association; 2023.
LibreCat
2023 | Conference Paper | LibreCat-ID: 47300
Kohno T, Acar Y, Loh W. Ethical Frameworks and Computer Security Trolley Problems: Foundations for Conversations. In: Calandrino JA, Troncoso C, eds. 32nd USENIX Security Symposium, USENIX Security 2023, Anaheim, CA, USA, August 9-11, 2023. USENIX Association; 2023.
LibreCat
2023 | Conference Paper | LibreCat-ID: 47312
Neil L, Sri Ramulu H, Acar Y, Reaves B. Who Comes Up with this Stuff? Interviewing Authors to Understand How They Produce Security Advice. In: Nineteenth Symposium on Usable Privacy and Security, SOUPS 2023, Anaheim, CA, USA, August 5-7, 2023. USENIX Association; 2023:283–299.
LibreCat
2023 | Journal Article | LibreCat-ID: 46801
Bouma-Sims E, Acar Y. Beyond the Boolean: How Programmers Ask About, Use, and Discuss Gender. Proc ACM Hum Comput Interact. 2023;7(CSCW1):1–31. doi:10.1145/3579461
LibreCat
| DOI
2023 | Journal Article | LibreCat-ID: 47297
Bouma-Sims E, Acar Y. Beyond the Boolean: How Programmers Ask About, Use, and Discuss Gender. CoRR. 2023;abs/2302.05351. doi:10.48550/arXiv.2302.05351
LibreCat
| DOI
2023 | Journal Article | LibreCat-ID: 47291
Klemmer JH, Gutfleisch M, Stransky C, Acar Y, Sasse MA, Fahl S. “Make Them Change it Every Week!”: A Qualitative Exploration of Online Developer Advice on Usable and Secure Authentication. CoRR. 2023;abs/2309.00744. doi:10.48550/arXiv.2309.00744
LibreCat
| DOI
2023 | Conference Paper | LibreCat-ID: 49438
Krüger S, Reif M, Wickert A-K, et al. Securing Your Crypto-API Usage Through Tool Support - A Usability Study. In: 2023 IEEE Secure Development Conference (SecDev). IEEE; 2023. doi:10.1109/secdev56634.2023.00015
LibreCat
| DOI
2023 | Conference Paper | LibreCat-ID: 46500
Pottebaum J, Rossel J, Somorovsky J, et al. Re-Envisioning Industrial Control Systems Security by Considering Human Factors as a Core Element of Defense-in-Depth. In: 2023 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW). IEEE; 2023:379-385. doi:10.1109/eurospw59978.2023.00048
LibreCat
| DOI
| Download (ext.)
2023 | Journal Article | LibreCat-ID: 53348
Fourné M, Wermke D, Fahl S, Acar Y. A Viewpoint on Human Factors in Software Supply Chain Security: A Research Agenda. IEEE Secur Priv. 2023;21(6):59–63. doi:10.1109/MSEC.2023.3316569
LibreCat
| DOI
2023 | Conference Paper | LibreCat-ID: 53362
Amft S, Höltervennhoff S, Huaman N, et al. “We’ve Disabled MFA for You”: An Evaluation of the Security and Usability of Multi-Factor Authentication Recovery Deployments. In: Meng W, Jensen CD, Cremers C, Kirda E, eds. Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security, CCS 2023, Copenhagen, Denmark, November 26-30, 2023. ACM; 2023:3138–3152. doi:10.1145/3576915.3623180
LibreCat
| DOI
2023 | Conference Paper | LibreCat-ID: 53366
Tran M, Munyendo CW, Sri Ramulu H, et al. Security, Privacy, and Data-sharing Trade-offs When Moving to the United States: Insights from a Qualitative Study. In: 2024 IEEE Symposium on Security and Privacy (SP). ; 2023:4–4.
LibreCat
2023 | Conference Paper | LibreCat-ID: 53369
Amft S, Höltervennhoff S, Huaman N, et al. “We’ve Disabled MFA for You”: An Evaluation of the Security and Usability of Multi-Factor Authentication Recovery Deployments. In: Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security. ; 2023:3138–3152.
LibreCat
2023 | Journal Article | LibreCat-ID: 53368
Fourné M, Wermke D, Fahl S, Acar Y. A Viewpoint on Human Factors in Software Supply Chain Security: A Research Agenda. IEEE Security & Privacy. 2023;21(6):59–63.
LibreCat
2023 | Journal Article | LibreCat-ID: 53352
Simko L, Sri Ramulu H, Kohno T, Acar Y. The Use and Non-Use of Technology During Hurricanes. Proc ACM Hum Comput Interact. 2023;7(CSCW2):1–54. doi:10.1145/3610215
LibreCat
| DOI
2022 | Conference Paper | LibreCat-ID: 47289
Huaman N, Krause A, Wermke D, et al. If You Can’t Get Them to the Lab: Evaluating a Virtual Study Environment with Security Information Workers. In: Chiasson S, Kapadia A, eds. Eighteenth Symposium on Usable Privacy and Security, SOUPS 2022, Boston, MA, USA, August 7-9, 2022. USENIX Association; 2022:313–330.
LibreCat
2022 | Conference Paper | LibreCat-ID: 47286
Gutfleisch M, Klemmer JH, Busch N, Acar Y, Sasse MA, Fahl S. How Does Usable Security (Not) End Up in Software Products? Results From a Qualitative Interview Study. In: 43rd IEEE Symposium on Security and Privacy, SP 2022, San Francisco, CA, USA, May 22-26, 2022. IEEE; 2022:893–910. doi:10.1109/SP46214.2022.9833756
LibreCat
| DOI
2022 | Conference Paper | LibreCat-ID: 47287
Stransky C, Wiese O, Roth V, Acar Y, Fahl S. 27 Years and 81 Million Opportunities Later: Investigating the Use of Email Encryption for an Entire University. In: 43rd IEEE Symposium on Security and Privacy, SP 2022, San Francisco, CA, USA, May 22-26, 2022. IEEE; 2022:860–875. doi:10.1109/SP46214.2022.9833755
LibreCat
| DOI
2022 | Conference Paper | LibreCat-ID: 47283
Kaur H, Amft S, Votipka D, Acar Y, Fahl S. Where to Recruit for Security Development Studies: Comparing Six Software Developer Samples. In: Butler KRB, Thomas K, eds. 31st USENIX Security Symposium, USENIX Security 2022, Boston, MA, USA, August 10-12, 2022. USENIX Association; 2022:4041–4058.
LibreCat
2022 | Journal Article | LibreCat-ID: 47290
Huaman N, Amft S, Oltrogge M, Acar Y, Fahl S. They Would Do Better If They Worked Together: Interaction Problems Between Password Managers and the Web. IEEE Secur Priv. 2022;20(2):49–60. doi:10.1109/MSEC.2021.3123795
LibreCat
| DOI
2022 | Journal Article | LibreCat-ID: 47282
Schmüser J, Wöhler N, Ramulu HS, et al. “Please help share!”: Security and Privacy Advice on Twitter during the 2022 Russian Invasion of Ukraine. CoRR. 2022;abs/2208.11581. doi:10.48550/arXiv.2208.11581
LibreCat
| DOI
2022 | Conference Paper | LibreCat-ID: 47288
Jancar J, Fourné M, Braga DDA, et al. “They’re not that hard to mitigate”: What Cryptographic Library Developers Think About Timing Attacks. In: 43rd IEEE Symposium on Security and Privacy, SP 2022, San Francisco, CA, USA, May 22-26, 2022. IEEE; 2022:632–649. doi:10.1109/SP46214.2022.9833713
LibreCat
| DOI
2022 | Conference Paper | LibreCat-ID: 47285
Wermke D, Wöhler N, Klemmer JH, Fourné M, Acar Y, Fahl S. Committed to Trust: A Qualitative Study on Security & Trust in Open Source Software Projects. In: 43rd IEEE Symposium on Security and Privacy, SP 2022, San Francisco, CA, USA, May 22-26, 2022. IEEE; 2022:1880–1896. doi:10.1109/SP46214.2022.9833686
LibreCat
| DOI
2022 | Conference Paper | LibreCat-ID: 47284
Munyendo CW, Acar Y, Aviv AJ. “Desperate Times Call for Desperate Measures”: User Concerns with Mobile Loan Apps in Kenya. In: 43rd IEEE Symposium on Security and Privacy, SP 2022, San Francisco, CA, USA, May 22-26, 2022. IEEE; 2022:2304–2319. doi:10.1109/SP46214.2022.9833779
LibreCat
| DOI
2022 | Journal Article | LibreCat-ID: 47281
Krause A, Klemmer JH, Huaman N, Wermke D, Acar Y, Fahl S. Committed by Accident: Studying Prevention and Remediation Strategies Against Secret Leakage in Source Code Repositories. CoRR. 2022;abs/2211.06213. doi:10.48550/arXiv.2211.06213
LibreCat
| DOI
2022 | Journal Article | LibreCat-ID: 53367
Herbert F, Becker S, Buckmann A, et al. Digital Security–A Question of Perspective. A Large-Scale Telephone Survey with Four At-Risk User Groups. arXiv preprint arXiv:221212964. Published online 2022.
LibreCat
2021 | Dissertation | LibreCat-ID: 47271
Acar Y. Human Factors in Secure Software Development. University of Marburg, Germany; 2021.
LibreCat
2021 | Conference Paper | LibreCat-ID: 47265
Huaman N, von Skarczinski B, Stransky C, et al. A Large-Scale Interview Study on Information Security in and Attacks against Small and Medium-sized Enterprises. In: Bailey M, Greenstadt R, eds. 30th USENIX Security Symposium, USENIX Security 2021, August 11-13, 2021. USENIX Association; 2021:1235–1252.
LibreCat
2021 | Conference Paper | LibreCat-ID: 47264
Oltrogge M, Huaman N, Amft S, Acar Y, Backes M, Fahl S. Why Eve and Mallory Still Love Android: Revisiting TLS (In)Security in Android Applications. In: Bailey M, Greenstadt R, eds. 30th USENIX Security Symposium, USENIX Security 2021, August 11-13, 2021. USENIX Association; 2021:4347–4364.
LibreCat
2021 | Conference Paper | LibreCat-ID: 47270
Häring M, Gerlitz E, Tiefenau C, et al. Never ever or no matter what: Investigating Adoption Intentions and Misconceptions about the Corona-Warn-App in Germany. In: Chiasson S, ed. Seventeenth Symposium on Usable Privacy and Security, SOUPS 2021, August 8-10, 2021. USENIX Association; 2021:77–98.
LibreCat
2021 | Conference Paper | LibreCat-ID: 47268
Stransky C, Wermke D, Schrader J, et al. On the Limited Impact of Visualizing Encryption: Perceptions of E2E Messaging Security. In: Chiasson S, ed. Seventeenth Symposium on Usable Privacy and Security, SOUPS 2021, August 8-10, 2021. USENIX Association; 2021:437–454.
LibreCat
2021 | Conference Paper | LibreCat-ID: 47267
Huaman N, Amft S, Oltrogge M, Acar Y, Fahl S. They Would do Better if They Worked Together: The Case of Interaction Problems Between Password Managers and Websites. In: 2021 IEEE Symposium on Security and Privacy (SP). IEEE; 2021. doi:10.1109/sp40001.2021.00094
LibreCat
| DOI
2021 | Conference Paper | LibreCat-ID: 47266
Haney JM, Acar Y, Furman S. “It’s the Company, the Government, You and I”: User Perceptions of Responsibility for Smart Home Privacy and Security. In: Bailey M, Greenstadt R, eds. 30th USENIX Security Symposium, USENIX Security 2021, August 11-13, 2021. USENIX Association; 2021:411–428.
LibreCat
2021 | Conference Paper | LibreCat-ID: 47269
Neil L, Bouma-Sims E, Lafontaine E, Acar Y, Reaves B. Investigating Web Service Account Remediation Advice. In: Chiasson S, ed. Seventeenth Symposium on Usable Privacy and Security, SOUPS 2021, August 8-10, 2021. USENIX Association; 2021:359–376.
LibreCat
2020 | Conference Paper | LibreCat-ID: 47879
Haney J, Furman S, Acar Y. Smart Home Security and Privacy Mitigations: Consumer Perceptions, Practices, and Challenges. In: International Conference on Human-Computer Interaction, Copenhagen, -1; 2020.
LibreCat
2020 | Book Chapter | LibreCat-ID: 47261
Haney JM, Furman SM, Acar Y. Smart Home Security and Privacy Mitigations: Consumer Perceptions, Practices, and Challenges. In: HCI for Cybersecurity, Privacy and Trust. Springer International Publishing; 2020. doi:10.1007/978-3-030-50309-3_26
LibreCat
| DOI
2020 | Conference Paper | LibreCat-ID: 47260
Wermke D, Huaman N, Stransky C, Busch N, Acar Y, Fahl S. Cloudy with a Chance of Misconceptions: Exploring Users’ Perceptions and Expectations of Security and Privacy in Cloud Office Suites. In: Lipford HR, Chiasson S, eds. Sixteenth Symposium on Usable Privacy and Security, SOUPS 2020, August 7-11, 2020. USENIX Association; 2020:359–377.
LibreCat
2020 | Conference Paper | LibreCat-ID: 47262
Gorski PL, Acar Y, Lo Iacono L, Fahl S. Listen to Developers! A Participatory Design Study on Security Warnings for Cryptographic APIs. In: Proceedings of the 2020 CHI Conference on Human Factors in Computing Systems. ACM; 2020. doi:10.1145/3313831.3376142
LibreCat
| DOI
2018 | Report | LibreCat-ID: 47876
Haney J, Theofanos M, Acar Y, Prettyman SS. Organizational Views of NIST Cryptographic Standards and Testing and Validation Programs. National Institute of Standards and Technology; 2018. doi:10.6028/nist.ir.8241
LibreCat
| DOI
2018 | Conference Paper | LibreCat-ID: 47253
Wu Y, Gupta P, Wei M, Acar Y, Fahl S, Ur B. Your Secrets Are Safe. In: Proceedings of the 2018 World Wide Web Conference on World Wide Web - WWW ’18. ACM Press; 2018. doi:10.1145/3178876.3186088
LibreCat
| DOI
2018 | Conference Paper | LibreCat-ID: 47255
Haney JM, Theofanos M, Acar Y, Prettyman SS. “We make it a big deal in the company”: Security Mindsets in Organizations that Develop Cryptographic Products. In: Zurko ME, Lipford HR, eds. Fourteenth Symposium on Usable Privacy and Security, SOUPS 2018, Baltimore, MD, USA, August 12-14, 2018. USENIX Association; 2018:357–373.
LibreCat
2018 | Conference Paper | LibreCat-ID: 47254
Oltrogge M, Derr E, Stransky C, et al. The Rise of the Citizen Developer: Assessing the Security Impact of Online App Generators. In: 2018 IEEE Symposium on Security and Privacy (SP). IEEE; 2018. doi:10.1109/sp.2018.00005
LibreCat
| DOI
2018 | Conference Paper | LibreCat-ID: 47256
Gorski PL, Iacono LL, Wermke D, et al. Developers Deserve Security Warnings, Too: On the Effect of Integrated Security Advice on Cryptographic API Misuse. In: Zurko ME, Lipford HR, eds. Fourteenth Symposium on Usable Privacy and Security, SOUPS 2018, Baltimore, MD, USA, August 12-14, 2018. USENIX Association; 2018:265–281.
LibreCat
2018 | Conference Paper | LibreCat-ID: 47252
Wermke D, Huaman N, Acar Y, Reaves B, Traynor P, Fahl S. A Large Scale Investigation of Obfuscation Use in Google Play. In: Proceedings of the 34th Annual Computer Security Applications Conference, ACSAC 2018, San Juan, PR, USA, December 03-07, 2018. ACM; 2018:222–235. doi:10.1145/3274694.3274726
LibreCat
| DOI
2017 | Conference Paper | LibreCat-ID: 47249
Derr E, Bugiel S, Fahl S, Acar Y, Backes M. Keep me Updated: An Empirical Study of Third-Party Library Updatability on Android. In: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security. ACM; 2017. doi:10.1145/3133956.3134059
LibreCat
| DOI
2017 | Journal Article | LibreCat-ID: 47309
Acar Y, Backes M, Fahl S, Kim D, Mazurek ML, Stransky C. How Internet Resources Might Be Helping You Develop Faster but Less Securely. IEEE Secur Priv. 2017;15(2):50–60. doi:10.1109/MSP.2017.24
LibreCat
| DOI
2017 | Report | LibreCat-ID: 47873
Redmiles EM, Acar Y, Fahl S, Mazurek ML. A Summary of Survey Methodology Best Practices for Security and Privacy Researchers. University of Maryland Computer Science Department; 2017. doi:10.13016/M22K2W
LibreCat
| DOI
2017 | Conference Paper | LibreCat-ID: 47248
Acar Y, Stransky C, Wermke D, Weir C, Mazurek ML, Fahl S. Developers Need Support, Too: A Survey of Security Advice for Software Developers. In: 2017 IEEE Cybersecurity Development (SecDev). IEEE; 2017. doi:10.1109/secdev.2017.17
LibreCat
| DOI
2017 | Conference Paper | LibreCat-ID: 47245
Stransky C, Acar Y, Nguyen DC, et al. Lessons Learned from Using an Online Platform to Conduct Large-Scale, Online Controlled Security Experiments with Software Developers. In: Fernandez JM, Payer M, eds. 10th USENIX Workshop on Cyber Security Experimentation and Test, CSET 2017, Vancouver, BC, Canada, August 14, 2017. USENIX Association; 2017.
LibreCat
2017 | Conference Paper | LibreCat-ID: 47243
Fischer F, Böttinger K, Xiao H, et al. Stack Overflow Considered Harmful? The Impact of Copy&Paste on Android Application Security. In: 2017 IEEE Symposium on Security and Privacy, SP 2017, San Jose, CA, USA, May 22-26, 2017. IEEE Computer Society; 2017:121–136. doi:10.1109/SP.2017.31
LibreCat
| DOI
2017 | Conference Paper | LibreCat-ID: 47250
Nguyen DC, Wermke D, Acar Y, Backes M, Weir C, Fahl S. A Stitch in Time: Supporting Android Developers in Writing Secure Code. In: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security. ACM; 2017. doi:10.1145/3133956.3133977
LibreCat
| DOI
2017 | Conference Paper | LibreCat-ID: 47242
Acar Y, Fahl S, Mazurek ML. You are Not Your Developer, Either: A Research Agenda for Usable Security and Privacy Research Beyond End Users. In: 2016 IEEE Cybersecurity Development (SecDev). IEEE; 2017. doi:10.1109/secdev.2016.013
LibreCat
| DOI
2017 | Conference Paper | LibreCat-ID: 47246
Acar Y, Backes M, Fahl S, et al. Comparing the Usability of Cryptographic APIs. In: 2017 IEEE Symposium on Security and Privacy (SP). IEEE; 2017. doi:10.1109/sp.2017.52
LibreCat
| DOI
2017 | Conference Paper | LibreCat-ID: 47244
Acar Y, Stransky C, Wermke D, Mazurek ML, Fahl S. Security Developer Studies with GitHub Users: Exploring a Convenience Sample. In: Thirteenth Symposium on Usable Privacy and Security, SOUPS 2017, Santa Clara, CA, USA, July 12-14, 2017. USENIX Association; 2017:81–95.
LibreCat
2016 | Conference Paper | LibreCat-ID: 47240
Acar Y, Backes M, Bugiel S, Fahl S, McDaniel P, Smith M. SoK: Lessons Learned from Android Security Research for Appified Software Platforms. In: 2016 IEEE Symposium on Security and Privacy (SP). IEEE; 2016. doi:10.1109/sp.2016.33
LibreCat
| DOI
2016 | Conference Paper | LibreCat-ID: 47241
Acar Y, Backes M, Fahl S, Kim D, Mazurek ML, Stransky C. You Get Where You’re Looking for: The Impact of Information Sources on Code Security. In: 2016 IEEE Symposium on Security and Privacy (SP). IEEE; 2016. doi:10.1109/sp.2016.25
LibreCat
| DOI
2016 | Conference Paper | LibreCat-ID: 47239
Dechand S, Schürmann D, Busse K, Acar Y, Fahl S, Smith M. An Empirical Study of Textual Key-Fingerprint Representations. In: Holz T, Savage S, eds. 25th USENIX Security Symposium, USENIX Security 16, Austin, TX, USA, August 10-12, 2016. USENIX Association; 2016:193–208.
LibreCat
2015 | Conference Paper | LibreCat-ID: 47233
Perl H, Dechand S, Smith M, et al. VCCFinder: Finding Potential Vulnerabilities in Open-Source Projects to Assist Code Audits. In: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security. ACM; 2015. doi:10.1145/2810103.2813604
LibreCat
| DOI
2015 | Conference Paper | LibreCat-ID: 47232
Oltrogge M, Acar Y, Dechand S, Smith M, Fahl S. To Pin or Not to Pin-Helping App Developers Bullet Proof Their TLS Connections. In: Jung J, Holz T, eds. 24th USENIX Security Symposium, USENIX Security 15, Washington, D.C., USA, August 12-14, 2015. USENIX Association; 2015:239–254.
LibreCat
2014 | Conference Paper | LibreCat-ID: 47162
Fahl S, Acar Y, Perl H, Smith M. Why eve and mallory (also) love webmasters. In: Proceedings of the 9th ACM Symposium on Information, Computer and Communications Security. ACM; 2014. doi:10.1145/2590296.2590341
LibreCat
| DOI
2013 | Conference Paper | LibreCat-ID: 47161
Fahl S, Harbach M, Acar Y, Smith M. On the ecological validity of a password study. In: Proceedings of the Ninth Symposium on Usable Privacy and Security. ACM; 2013. doi:10.1145/2501604.2501617
LibreCat
| DOI
75 Publications
2024 | Journal Article | LibreCat-ID: 47275
Herbert F, Becker S, Buckmann A, et al. Digital Security -- A Question of Perspective. A Large-Scale Telephone Survey with Four At-Risk User Groups. IEEE Symposium on Security and Privacy IEEE, New York, NY, USA. Published online 2024. doi:10.48550/arXiv.2212.12964
LibreCat
| DOI
2023 | Conference Paper | LibreCat-ID: 47304
Wermke D, Klemmer JH, Wöhler N, et al. “Always Contribute Back”: A Qualitative Study on Security Challenges of the Open Source Supply Chain. In: 44th IEEE Symposium on Security and Privacy, SP 2023, San Francisco, CA, USA, May 21-25, 2023. IEEE; 2023:1545–1560. doi:10.1109/SP46215.2023.10179378
LibreCat
| DOI
2023 | Conference Paper | LibreCat-ID: 47299
Krause A, Klemmer JH, Huaman N, Wermke D, Acar Y, Fahl S. Pushed by Accident: A Mixed-Methods Study on Strategies of Handling Secret Information in Source Code Repositories. In: Calandrino JA, Troncoso C, eds. 32nd USENIX Security Symposium, USENIX Security 2023, Anaheim, CA, USA, August 9-11, 2023. USENIX Association; 2023.
LibreCat
2023 | Conference Paper | LibreCat-ID: 47310
Fourné M, Wermke D, Enck W, Fahl S, Acar Y. It’s like flossing your teeth: On the Importance and Challenges of Reproducible Builds for Software Supply Chain Security. In: 44th IEEE Symposium on Security and Privacy, SP 2023, San Francisco, CA, USA, May 21-25, 2023. IEEE; 2023:1527–1544. doi:10.1109/SP46215.2023.10179320
LibreCat
| DOI
2023 | Conference Paper | LibreCat-ID: 47311
Munyendo CW, Acar Y, Aviv AJ. “In Eighty Percent of the Cases, I Select the Password for Them”: Security and Privacy Challenges, Advice, and Opportunities at Cybercafes in Kenya. In: 44th IEEE Symposium on Security and Privacy, SP 2023, San Francisco, CA, USA, May 21-25, 2023. IEEE; 2023:570–587. doi:10.1109/SP46215.2023.10179410
LibreCat
| DOI
2023 | Journal Article | LibreCat-ID: 47296
Kohno T, Acar Y, Loh W. Ethical Frameworks and Computer Security Trolley Problems: Foundations for Conversations. CoRR. 2023;abs/2302.14326. doi:10.48550/arXiv.2302.14326
LibreCat
| DOI
2023 | Conference Paper | LibreCat-ID: 47306
Herbert F, Becker S, Schaewitz L, et al. A World Full of Privacy and Security (Mis)conceptions? Findings of a Representative Survey in 12 Countries. In: Schmidt A, Väänänen K, Goyal T, et al., eds. Proceedings of the 2023 CHI Conference on Human Factors in Computing Systems, CHI 2023, Hamburg, Germany, April 23-28, 2023. ACM; 2023:582:1–582:23. doi:10.1145/3544548.3581410
LibreCat
| DOI
2023 | Conference Paper | LibreCat-ID: 47303
Keküllüoglu D, Acar Y. “We are a startup to the core”: A qualitative interview study on the security and privacy development practices in Turkish software startups. In: 44th IEEE Symposium on Security and Privacy, SP 2023, San Francisco, CA, USA, May 21-25, 2023. IEEE; 2023:2015–2031. doi:10.1109/SP46215.2023.10179339
LibreCat
| DOI
2023 | Journal Article | LibreCat-ID: 47307
Kaur M, Sri Ramulu H, Acar Y, Fiebig T. “Oh yes! over-preparing for meetings is my jam :)”: The Gendered Experiences of System Administrators. Proc ACM Hum Comput Interact. 2023;7(CSCW1):1–38. doi:10.1145/3579617
LibreCat
| DOI
2023 | Journal Article | LibreCat-ID: 47294
Tran M, Acar Y, Cucker M, et al. S3C2 Summit 2202-09: Industry Secure Suppy Chain Summit. CoRR. 2023;abs/2307.15642. doi:10.48550/arXiv.2307.15642
LibreCat
| DOI
2023 | Journal Article | LibreCat-ID: 47293
Dunlap T, Acar Y, Cucker M, et al. S3C2 Summit 2023-02: Industry Secure Supply Chain Summit. CoRR. 2023;abs/2307.16557. doi:10.48550/arXiv.2307.16557
LibreCat
| DOI
2023 | Journal Article | LibreCat-ID: 47292
Enck W, Acar Y, Cukier M, Kapravelos A, Kästner C, Williams LA. S3C2 Summit 2023-06: Government Secure Supply Chain Summit. CoRR. 2023;abs/2308.06850. doi:10.48550/arXiv.2308.06850
LibreCat
| DOI
2023 | Conference Paper | LibreCat-ID: 47298
Mink J, Kaur H, Schmüser J, Fahl S, Acar Y. “Security is not my field, I’m a stats guy”: A Qualitative Root Cause Analysis of Barriers to Adversarial Machine Learning Defenses in Industry. In: Calandrino JA, Troncoso C, eds. 32nd USENIX Security Symposium, USENIX Security 2023, Anaheim, CA, USA, August 9-11, 2023. USENIX Association; 2023.
LibreCat
2023 | Journal Article | LibreCat-ID: 47295
Amft S, Höltervennhoff S, Huaman N, et al. Lost and not Found: An Investigation of Recovery Methods for Multi-Factor Authentication. CoRR. 2023;abs/2306.09708. doi:10.48550/arXiv.2306.09708
LibreCat
| DOI
2023 | Conference Paper | LibreCat-ID: 47305
Amft S, Höltervennhoff S, Huaman N, Acar Y, Fahl S. “Would You Give the Same Priority to the Bank and a Game? I Do Not!” Exploring Credential Management Strategies and Obstacles during Password Manager Setup. In: Kelley PG, Kapadia A, eds. Nineteenth Symposium on Usable Privacy and Security, SOUPS 2023, Anaheim, CA, USA, August 5-7, 2023. USENIX Association; 2023:171–190.
LibreCat
2023 | Conference Paper | LibreCat-ID: 47301
Höltervennhoff S, Klostermeyer P, Wöhler N, Acar Y, Fahl S. “I wouldn’t want my unsafe code to run my pacemaker”: An Interview Study on the Use, Comprehension, and Perceived Risks of Unsafe Rust. In: Calandrino JA, Troncoso C, eds. 32nd USENIX Security Symposium, USENIX Security 2023, Anaheim, CA, USA, August 9-11, 2023. USENIX Association; 2023.
LibreCat
2023 | Conference Paper | LibreCat-ID: 47300
Kohno T, Acar Y, Loh W. Ethical Frameworks and Computer Security Trolley Problems: Foundations for Conversations. In: Calandrino JA, Troncoso C, eds. 32nd USENIX Security Symposium, USENIX Security 2023, Anaheim, CA, USA, August 9-11, 2023. USENIX Association; 2023.
LibreCat
2023 | Conference Paper | LibreCat-ID: 47312
Neil L, Sri Ramulu H, Acar Y, Reaves B. Who Comes Up with this Stuff? Interviewing Authors to Understand How They Produce Security Advice. In: Nineteenth Symposium on Usable Privacy and Security, SOUPS 2023, Anaheim, CA, USA, August 5-7, 2023. USENIX Association; 2023:283–299.
LibreCat
2023 | Journal Article | LibreCat-ID: 46801
Bouma-Sims E, Acar Y. Beyond the Boolean: How Programmers Ask About, Use, and Discuss Gender. Proc ACM Hum Comput Interact. 2023;7(CSCW1):1–31. doi:10.1145/3579461
LibreCat
| DOI
2023 | Journal Article | LibreCat-ID: 47297
Bouma-Sims E, Acar Y. Beyond the Boolean: How Programmers Ask About, Use, and Discuss Gender. CoRR. 2023;abs/2302.05351. doi:10.48550/arXiv.2302.05351
LibreCat
| DOI
2023 | Journal Article | LibreCat-ID: 47291
Klemmer JH, Gutfleisch M, Stransky C, Acar Y, Sasse MA, Fahl S. “Make Them Change it Every Week!”: A Qualitative Exploration of Online Developer Advice on Usable and Secure Authentication. CoRR. 2023;abs/2309.00744. doi:10.48550/arXiv.2309.00744
LibreCat
| DOI
2023 | Conference Paper | LibreCat-ID: 49438
Krüger S, Reif M, Wickert A-K, et al. Securing Your Crypto-API Usage Through Tool Support - A Usability Study. In: 2023 IEEE Secure Development Conference (SecDev). IEEE; 2023. doi:10.1109/secdev56634.2023.00015
LibreCat
| DOI
2023 | Conference Paper | LibreCat-ID: 46500
Pottebaum J, Rossel J, Somorovsky J, et al. Re-Envisioning Industrial Control Systems Security by Considering Human Factors as a Core Element of Defense-in-Depth. In: 2023 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW). IEEE; 2023:379-385. doi:10.1109/eurospw59978.2023.00048
LibreCat
| DOI
| Download (ext.)
2023 | Journal Article | LibreCat-ID: 53348
Fourné M, Wermke D, Fahl S, Acar Y. A Viewpoint on Human Factors in Software Supply Chain Security: A Research Agenda. IEEE Secur Priv. 2023;21(6):59–63. doi:10.1109/MSEC.2023.3316569
LibreCat
| DOI
2023 | Conference Paper | LibreCat-ID: 53362
Amft S, Höltervennhoff S, Huaman N, et al. “We’ve Disabled MFA for You”: An Evaluation of the Security and Usability of Multi-Factor Authentication Recovery Deployments. In: Meng W, Jensen CD, Cremers C, Kirda E, eds. Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security, CCS 2023, Copenhagen, Denmark, November 26-30, 2023. ACM; 2023:3138–3152. doi:10.1145/3576915.3623180
LibreCat
| DOI
2023 | Conference Paper | LibreCat-ID: 53366
Tran M, Munyendo CW, Sri Ramulu H, et al. Security, Privacy, and Data-sharing Trade-offs When Moving to the United States: Insights from a Qualitative Study. In: 2024 IEEE Symposium on Security and Privacy (SP). ; 2023:4–4.
LibreCat
2023 | Conference Paper | LibreCat-ID: 53369
Amft S, Höltervennhoff S, Huaman N, et al. “We’ve Disabled MFA for You”: An Evaluation of the Security and Usability of Multi-Factor Authentication Recovery Deployments. In: Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security. ; 2023:3138–3152.
LibreCat
2023 | Journal Article | LibreCat-ID: 53368
Fourné M, Wermke D, Fahl S, Acar Y. A Viewpoint on Human Factors in Software Supply Chain Security: A Research Agenda. IEEE Security & Privacy. 2023;21(6):59–63.
LibreCat
2023 | Journal Article | LibreCat-ID: 53352
Simko L, Sri Ramulu H, Kohno T, Acar Y. The Use and Non-Use of Technology During Hurricanes. Proc ACM Hum Comput Interact. 2023;7(CSCW2):1–54. doi:10.1145/3610215
LibreCat
| DOI
2022 | Conference Paper | LibreCat-ID: 47289
Huaman N, Krause A, Wermke D, et al. If You Can’t Get Them to the Lab: Evaluating a Virtual Study Environment with Security Information Workers. In: Chiasson S, Kapadia A, eds. Eighteenth Symposium on Usable Privacy and Security, SOUPS 2022, Boston, MA, USA, August 7-9, 2022. USENIX Association; 2022:313–330.
LibreCat
2022 | Conference Paper | LibreCat-ID: 47286
Gutfleisch M, Klemmer JH, Busch N, Acar Y, Sasse MA, Fahl S. How Does Usable Security (Not) End Up in Software Products? Results From a Qualitative Interview Study. In: 43rd IEEE Symposium on Security and Privacy, SP 2022, San Francisco, CA, USA, May 22-26, 2022. IEEE; 2022:893–910. doi:10.1109/SP46214.2022.9833756
LibreCat
| DOI
2022 | Conference Paper | LibreCat-ID: 47287
Stransky C, Wiese O, Roth V, Acar Y, Fahl S. 27 Years and 81 Million Opportunities Later: Investigating the Use of Email Encryption for an Entire University. In: 43rd IEEE Symposium on Security and Privacy, SP 2022, San Francisco, CA, USA, May 22-26, 2022. IEEE; 2022:860–875. doi:10.1109/SP46214.2022.9833755
LibreCat
| DOI
2022 | Conference Paper | LibreCat-ID: 47283
Kaur H, Amft S, Votipka D, Acar Y, Fahl S. Where to Recruit for Security Development Studies: Comparing Six Software Developer Samples. In: Butler KRB, Thomas K, eds. 31st USENIX Security Symposium, USENIX Security 2022, Boston, MA, USA, August 10-12, 2022. USENIX Association; 2022:4041–4058.
LibreCat
2022 | Journal Article | LibreCat-ID: 47290
Huaman N, Amft S, Oltrogge M, Acar Y, Fahl S. They Would Do Better If They Worked Together: Interaction Problems Between Password Managers and the Web. IEEE Secur Priv. 2022;20(2):49–60. doi:10.1109/MSEC.2021.3123795
LibreCat
| DOI
2022 | Journal Article | LibreCat-ID: 47282
Schmüser J, Wöhler N, Ramulu HS, et al. “Please help share!”: Security and Privacy Advice on Twitter during the 2022 Russian Invasion of Ukraine. CoRR. 2022;abs/2208.11581. doi:10.48550/arXiv.2208.11581
LibreCat
| DOI
2022 | Conference Paper | LibreCat-ID: 47288
Jancar J, Fourné M, Braga DDA, et al. “They’re not that hard to mitigate”: What Cryptographic Library Developers Think About Timing Attacks. In: 43rd IEEE Symposium on Security and Privacy, SP 2022, San Francisco, CA, USA, May 22-26, 2022. IEEE; 2022:632–649. doi:10.1109/SP46214.2022.9833713
LibreCat
| DOI
2022 | Conference Paper | LibreCat-ID: 47285
Wermke D, Wöhler N, Klemmer JH, Fourné M, Acar Y, Fahl S. Committed to Trust: A Qualitative Study on Security & Trust in Open Source Software Projects. In: 43rd IEEE Symposium on Security and Privacy, SP 2022, San Francisco, CA, USA, May 22-26, 2022. IEEE; 2022:1880–1896. doi:10.1109/SP46214.2022.9833686
LibreCat
| DOI
2022 | Conference Paper | LibreCat-ID: 47284
Munyendo CW, Acar Y, Aviv AJ. “Desperate Times Call for Desperate Measures”: User Concerns with Mobile Loan Apps in Kenya. In: 43rd IEEE Symposium on Security and Privacy, SP 2022, San Francisco, CA, USA, May 22-26, 2022. IEEE; 2022:2304–2319. doi:10.1109/SP46214.2022.9833779
LibreCat
| DOI
2022 | Journal Article | LibreCat-ID: 47281
Krause A, Klemmer JH, Huaman N, Wermke D, Acar Y, Fahl S. Committed by Accident: Studying Prevention and Remediation Strategies Against Secret Leakage in Source Code Repositories. CoRR. 2022;abs/2211.06213. doi:10.48550/arXiv.2211.06213
LibreCat
| DOI
2022 | Journal Article | LibreCat-ID: 53367
Herbert F, Becker S, Buckmann A, et al. Digital Security–A Question of Perspective. A Large-Scale Telephone Survey with Four At-Risk User Groups. arXiv preprint arXiv:221212964. Published online 2022.
LibreCat
2021 | Dissertation | LibreCat-ID: 47271
Acar Y. Human Factors in Secure Software Development. University of Marburg, Germany; 2021.
LibreCat
2021 | Conference Paper | LibreCat-ID: 47265
Huaman N, von Skarczinski B, Stransky C, et al. A Large-Scale Interview Study on Information Security in and Attacks against Small and Medium-sized Enterprises. In: Bailey M, Greenstadt R, eds. 30th USENIX Security Symposium, USENIX Security 2021, August 11-13, 2021. USENIX Association; 2021:1235–1252.
LibreCat
2021 | Conference Paper | LibreCat-ID: 47264
Oltrogge M, Huaman N, Amft S, Acar Y, Backes M, Fahl S. Why Eve and Mallory Still Love Android: Revisiting TLS (In)Security in Android Applications. In: Bailey M, Greenstadt R, eds. 30th USENIX Security Symposium, USENIX Security 2021, August 11-13, 2021. USENIX Association; 2021:4347–4364.
LibreCat
2021 | Conference Paper | LibreCat-ID: 47270
Häring M, Gerlitz E, Tiefenau C, et al. Never ever or no matter what: Investigating Adoption Intentions and Misconceptions about the Corona-Warn-App in Germany. In: Chiasson S, ed. Seventeenth Symposium on Usable Privacy and Security, SOUPS 2021, August 8-10, 2021. USENIX Association; 2021:77–98.
LibreCat
2021 | Conference Paper | LibreCat-ID: 47268
Stransky C, Wermke D, Schrader J, et al. On the Limited Impact of Visualizing Encryption: Perceptions of E2E Messaging Security. In: Chiasson S, ed. Seventeenth Symposium on Usable Privacy and Security, SOUPS 2021, August 8-10, 2021. USENIX Association; 2021:437–454.
LibreCat
2021 | Conference Paper | LibreCat-ID: 47267
Huaman N, Amft S, Oltrogge M, Acar Y, Fahl S. They Would do Better if They Worked Together: The Case of Interaction Problems Between Password Managers and Websites. In: 2021 IEEE Symposium on Security and Privacy (SP). IEEE; 2021. doi:10.1109/sp40001.2021.00094
LibreCat
| DOI
2021 | Conference Paper | LibreCat-ID: 47266
Haney JM, Acar Y, Furman S. “It’s the Company, the Government, You and I”: User Perceptions of Responsibility for Smart Home Privacy and Security. In: Bailey M, Greenstadt R, eds. 30th USENIX Security Symposium, USENIX Security 2021, August 11-13, 2021. USENIX Association; 2021:411–428.
LibreCat
2021 | Conference Paper | LibreCat-ID: 47269
Neil L, Bouma-Sims E, Lafontaine E, Acar Y, Reaves B. Investigating Web Service Account Remediation Advice. In: Chiasson S, ed. Seventeenth Symposium on Usable Privacy and Security, SOUPS 2021, August 8-10, 2021. USENIX Association; 2021:359–376.
LibreCat
2020 | Conference Paper | LibreCat-ID: 47879
Haney J, Furman S, Acar Y. Smart Home Security and Privacy Mitigations: Consumer Perceptions, Practices, and Challenges. In: International Conference on Human-Computer Interaction, Copenhagen, -1; 2020.
LibreCat
2020 | Book Chapter | LibreCat-ID: 47261
Haney JM, Furman SM, Acar Y. Smart Home Security and Privacy Mitigations: Consumer Perceptions, Practices, and Challenges. In: HCI for Cybersecurity, Privacy and Trust. Springer International Publishing; 2020. doi:10.1007/978-3-030-50309-3_26
LibreCat
| DOI
2020 | Conference Paper | LibreCat-ID: 47260
Wermke D, Huaman N, Stransky C, Busch N, Acar Y, Fahl S. Cloudy with a Chance of Misconceptions: Exploring Users’ Perceptions and Expectations of Security and Privacy in Cloud Office Suites. In: Lipford HR, Chiasson S, eds. Sixteenth Symposium on Usable Privacy and Security, SOUPS 2020, August 7-11, 2020. USENIX Association; 2020:359–377.
LibreCat
2020 | Conference Paper | LibreCat-ID: 47262
Gorski PL, Acar Y, Lo Iacono L, Fahl S. Listen to Developers! A Participatory Design Study on Security Warnings for Cryptographic APIs. In: Proceedings of the 2020 CHI Conference on Human Factors in Computing Systems. ACM; 2020. doi:10.1145/3313831.3376142
LibreCat
| DOI
2018 | Report | LibreCat-ID: 47876
Haney J, Theofanos M, Acar Y, Prettyman SS. Organizational Views of NIST Cryptographic Standards and Testing and Validation Programs. National Institute of Standards and Technology; 2018. doi:10.6028/nist.ir.8241
LibreCat
| DOI
2018 | Conference Paper | LibreCat-ID: 47253
Wu Y, Gupta P, Wei M, Acar Y, Fahl S, Ur B. Your Secrets Are Safe. In: Proceedings of the 2018 World Wide Web Conference on World Wide Web - WWW ’18. ACM Press; 2018. doi:10.1145/3178876.3186088
LibreCat
| DOI
2018 | Conference Paper | LibreCat-ID: 47255
Haney JM, Theofanos M, Acar Y, Prettyman SS. “We make it a big deal in the company”: Security Mindsets in Organizations that Develop Cryptographic Products. In: Zurko ME, Lipford HR, eds. Fourteenth Symposium on Usable Privacy and Security, SOUPS 2018, Baltimore, MD, USA, August 12-14, 2018. USENIX Association; 2018:357–373.
LibreCat
2018 | Conference Paper | LibreCat-ID: 47254
Oltrogge M, Derr E, Stransky C, et al. The Rise of the Citizen Developer: Assessing the Security Impact of Online App Generators. In: 2018 IEEE Symposium on Security and Privacy (SP). IEEE; 2018. doi:10.1109/sp.2018.00005
LibreCat
| DOI
2018 | Conference Paper | LibreCat-ID: 47256
Gorski PL, Iacono LL, Wermke D, et al. Developers Deserve Security Warnings, Too: On the Effect of Integrated Security Advice on Cryptographic API Misuse. In: Zurko ME, Lipford HR, eds. Fourteenth Symposium on Usable Privacy and Security, SOUPS 2018, Baltimore, MD, USA, August 12-14, 2018. USENIX Association; 2018:265–281.
LibreCat
2018 | Conference Paper | LibreCat-ID: 47252
Wermke D, Huaman N, Acar Y, Reaves B, Traynor P, Fahl S. A Large Scale Investigation of Obfuscation Use in Google Play. In: Proceedings of the 34th Annual Computer Security Applications Conference, ACSAC 2018, San Juan, PR, USA, December 03-07, 2018. ACM; 2018:222–235. doi:10.1145/3274694.3274726
LibreCat
| DOI
2017 | Conference Paper | LibreCat-ID: 47249
Derr E, Bugiel S, Fahl S, Acar Y, Backes M. Keep me Updated: An Empirical Study of Third-Party Library Updatability on Android. In: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security. ACM; 2017. doi:10.1145/3133956.3134059
LibreCat
| DOI
2017 | Journal Article | LibreCat-ID: 47309
Acar Y, Backes M, Fahl S, Kim D, Mazurek ML, Stransky C. How Internet Resources Might Be Helping You Develop Faster but Less Securely. IEEE Secur Priv. 2017;15(2):50–60. doi:10.1109/MSP.2017.24
LibreCat
| DOI
2017 | Report | LibreCat-ID: 47873
Redmiles EM, Acar Y, Fahl S, Mazurek ML. A Summary of Survey Methodology Best Practices for Security and Privacy Researchers. University of Maryland Computer Science Department; 2017. doi:10.13016/M22K2W
LibreCat
| DOI
2017 | Conference Paper | LibreCat-ID: 47248
Acar Y, Stransky C, Wermke D, Weir C, Mazurek ML, Fahl S. Developers Need Support, Too: A Survey of Security Advice for Software Developers. In: 2017 IEEE Cybersecurity Development (SecDev). IEEE; 2017. doi:10.1109/secdev.2017.17
LibreCat
| DOI
2017 | Conference Paper | LibreCat-ID: 47245
Stransky C, Acar Y, Nguyen DC, et al. Lessons Learned from Using an Online Platform to Conduct Large-Scale, Online Controlled Security Experiments with Software Developers. In: Fernandez JM, Payer M, eds. 10th USENIX Workshop on Cyber Security Experimentation and Test, CSET 2017, Vancouver, BC, Canada, August 14, 2017. USENIX Association; 2017.
LibreCat
2017 | Conference Paper | LibreCat-ID: 47243
Fischer F, Böttinger K, Xiao H, et al. Stack Overflow Considered Harmful? The Impact of Copy&Paste on Android Application Security. In: 2017 IEEE Symposium on Security and Privacy, SP 2017, San Jose, CA, USA, May 22-26, 2017. IEEE Computer Society; 2017:121–136. doi:10.1109/SP.2017.31
LibreCat
| DOI
2017 | Conference Paper | LibreCat-ID: 47250
Nguyen DC, Wermke D, Acar Y, Backes M, Weir C, Fahl S. A Stitch in Time: Supporting Android Developers in Writing Secure Code. In: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security. ACM; 2017. doi:10.1145/3133956.3133977
LibreCat
| DOI
2017 | Conference Paper | LibreCat-ID: 47242
Acar Y, Fahl S, Mazurek ML. You are Not Your Developer, Either: A Research Agenda for Usable Security and Privacy Research Beyond End Users. In: 2016 IEEE Cybersecurity Development (SecDev). IEEE; 2017. doi:10.1109/secdev.2016.013
LibreCat
| DOI
2017 | Conference Paper | LibreCat-ID: 47246
Acar Y, Backes M, Fahl S, et al. Comparing the Usability of Cryptographic APIs. In: 2017 IEEE Symposium on Security and Privacy (SP). IEEE; 2017. doi:10.1109/sp.2017.52
LibreCat
| DOI
2017 | Conference Paper | LibreCat-ID: 47244
Acar Y, Stransky C, Wermke D, Mazurek ML, Fahl S. Security Developer Studies with GitHub Users: Exploring a Convenience Sample. In: Thirteenth Symposium on Usable Privacy and Security, SOUPS 2017, Santa Clara, CA, USA, July 12-14, 2017. USENIX Association; 2017:81–95.
LibreCat
2016 | Conference Paper | LibreCat-ID: 47240
Acar Y, Backes M, Bugiel S, Fahl S, McDaniel P, Smith M. SoK: Lessons Learned from Android Security Research for Appified Software Platforms. In: 2016 IEEE Symposium on Security and Privacy (SP). IEEE; 2016. doi:10.1109/sp.2016.33
LibreCat
| DOI
2016 | Conference Paper | LibreCat-ID: 47241
Acar Y, Backes M, Fahl S, Kim D, Mazurek ML, Stransky C. You Get Where You’re Looking for: The Impact of Information Sources on Code Security. In: 2016 IEEE Symposium on Security and Privacy (SP). IEEE; 2016. doi:10.1109/sp.2016.25
LibreCat
| DOI
2016 | Conference Paper | LibreCat-ID: 47239
Dechand S, Schürmann D, Busse K, Acar Y, Fahl S, Smith M. An Empirical Study of Textual Key-Fingerprint Representations. In: Holz T, Savage S, eds. 25th USENIX Security Symposium, USENIX Security 16, Austin, TX, USA, August 10-12, 2016. USENIX Association; 2016:193–208.
LibreCat
2015 | Conference Paper | LibreCat-ID: 47233
Perl H, Dechand S, Smith M, et al. VCCFinder: Finding Potential Vulnerabilities in Open-Source Projects to Assist Code Audits. In: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security. ACM; 2015. doi:10.1145/2810103.2813604
LibreCat
| DOI
2015 | Conference Paper | LibreCat-ID: 47232
Oltrogge M, Acar Y, Dechand S, Smith M, Fahl S. To Pin or Not to Pin-Helping App Developers Bullet Proof Their TLS Connections. In: Jung J, Holz T, eds. 24th USENIX Security Symposium, USENIX Security 15, Washington, D.C., USA, August 12-14, 2015. USENIX Association; 2015:239–254.
LibreCat
2014 | Conference Paper | LibreCat-ID: 47162
Fahl S, Acar Y, Perl H, Smith M. Why eve and mallory (also) love webmasters. In: Proceedings of the 9th ACM Symposium on Information, Computer and Communications Security. ACM; 2014. doi:10.1145/2590296.2590341
LibreCat
| DOI
2013 | Conference Paper | LibreCat-ID: 47161
Fahl S, Harbach M, Acar Y, Smith M. On the ecological validity of a password study. In: Proceedings of the Ninth Symposium on Usable Privacy and Security. ACM; 2013. doi:10.1145/2501604.2501617
LibreCat
| DOI