Veröffentlichungen: Security

2023

  • Stöckle, Patrick; Sammereier, Michael; Grobauer, Bernd; Pretschner, Alexander: Better Safe Than Sorry! Automated Identification of Functionality-Breaking Security-Configuration Rules. ACM/IEEE International Conference on Automation of Software Test (AST) (AST '23), 2023, 10 mehr…

2022

  • Stöckle, Patrick; Wasserer, Theresa; Grobauer, Bernd; Pretschner, Alexander: Automated Identification of Security-Relevant Configuration Settings Using NLP. Proceedings of the 37th IEEE/ACM International Conference on Automated Software Engineering (ASE '22), Association for Computing Machinery, 2022 mehr…
  • Stöckle, Patrick; Pruteanu, Ionuț; Grobauer, Bernd; Pretschner, Alexander: Hardening with Scapolite: A DevOps-Based Approach for Improved Authoring and Testing of Security-Configuration Guides in Large-Scale Organizations. Proceedings of the Twelveth ACM Conference on Data and Application Security and Privacy (CODASPY '22), Association for Computing Machinery, 2022 mehr…

2019

  • Aleieldin Salem, Michael Hesse, Jona Neumeier, Alexander Pretschner: Towards Empirically Assessing Behavior Stimulation Approaches for Android Malware. SECURWARE 2019, The Thirteenth International Conference on Emerging Security Information, Systems and Technologies, 2019, 47-52 mehr…

2018

  • Forian Kelbert,Alexander Pretschner: Data Usage Control for Distributed Systems. ACM Transactions on Privacy and Security, 2018 mehr…

2016

  • Banescu, Sebastian and Collberg, Christian and Ganesh, Vijay and Newsham, Zack and Pretschner, Alexander: Code Obfuscation Against Symbolic Execution Attacks. Proceedings of the 32Nd Annual Conference on Computer Security Applications, ACM, 2016, 189--200 mehr…
  • D Ki-Aries, Shamal Faily, Kristian Beckers: Persona-Driven Information Security Awareness. Proceedings of British HCI, ACM, 2016, to appear mehr…
  • Kelbert, Florian; Fromm, Alexander: Compliance Monitoring of Third-Party Applications in Online Social Networks. The 8th International Workshop on Privacy Engineering (Proceedings of the 8th International Workshop on Privacy Engineering), IEEE, 2016, 9-16 mehr…
  • Kristian Beckers, Jürgen Dürrwang, Dominik Holling: Standard Compliant Hazard and Threat Analysis for the Automotive Domain. Information 36 (7), 2016 mehr…
  • Kristian Beckers,Sebastian Pape: A Serious Game for Eliciting Social Engineering Security Requirements. Proceedings of the International Conference on Requirements Engineering, RE, 2016, to appear mehr…
  • Kristian Beckers,Sebastian Pape, Veronika Fries: HATCH: Hack And Trick Capricious Humans – A Serious Game on Social Engineering. Proceedings of British HCI, ACM, 2016, to appear mehr…
  • Peter Schaab, Kristian Beckers, Sebastian Pape: A Systematic Gap Analysis of Social Engineering Defence Mechanisms Considering Social Psychology. 10th International Symposium on Human Aspects of Information Security & Assurance, HAISA 2016 ,Frankfurt, Germany, July, 2016, Proceedings, to appear, 2016, 241-251 mehr…

2015

  • Banescu, Sebastian; Ochoa, Martín; Kunze, Nils; Pretschner, Alexander: Idea: Benchmarking Indistinguishability Obfuscation – A Candidate Implementation. 7th International Symposium, ESSoS 2015, Milan, Italy, March 4-6, 2015. Proceedings, Springer Science + Business Media, 2015 mehr…
  • Banescu, Sebastian; Pretschner, Alexander; Battré, Dominic; Cazzulani, Stéfano; Shield, Robert; Thompson, Greg: Software-Based Protection against "Changeware". Proceedings of the 5th ACM Conference on Data and Application Security and Privacy, Association for Computing Machinery (ACM), 2015 mehr…
  • Lovat, Enrico; Fromm, Alexander; Mohr, Martin; Pretschner, Alexander: SHRIFT System-wide HybRid Information Flow Tracking. ICT Systems Security and Privacy Protection: 30th IFIP TC 11 International Conference, SEC 2015, Hamburg, Germany, May 26-28, 2015, Proceedings, Springer International Publishing, 2015, 371-385 mehr…
  • Ochoa, Martín; Cuéllar, Jorge; Pretschner, Alexander; Hallgren, Per: Idea: Unwinding Based Model-Checking and Testing for Non-Interference on EFSMs. 7th International Symposium, ESSoS 2015, Milan, Italy, March 4-6, 2015. Proceedings, Springer Science + Business Media, 2015 mehr…
  • Tong Li, Elda Paja, John Mylopoulos, Jennifer Horkoff, Kristian Beckers: Holistic security requirements analysis: An attacker's perspective. IEEE 23rd International Requirements Engineering Conference (RE) (Proceedings of the 2015 IEEE 23rd International Requirements Engineering Conference (RE)), IEEE, 2015, 282-283 mehr…
  • Tong Li, Jennifer Horkoff, Elda Paja, Kristian Beckers, John Mylopoulos: Analyzing Attack Strategies Through Anti-goal Refinement. 8th IFIP WG 8.1. Working Conference (8th IFIP WG 8.1. Working Conference, PoEM 2015, Valencia, Spain, November 10-12, 2015, Proceedings), Springer International Publishing, 2015, 75-90 mehr…

2014

  • Barthe, Gilles; Köpf, Boris; Mauborgne, Laurent; Ochoa, Martín: Leakage Resilience against Concurrent Cache Attacks. Third International Conference, POST 2014, Held as Part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2014, Grenoble, France, April 5-13, 2014, Proceedings, Springer Science + Business Media, 2014 mehr…
  • Lovat, Enrico; Oudinet, Johan; Pretschner, Alexander: On quantitative dynamic data flow tracking. Proceedings of the 4th ACM Conference on Data and Application Security and Privacy, Association for Computing Machinery (ACM), 2014 mehr…
  • Rocchetto, Marco; Ochoa, Martín; Torabi Dashti, Mohammad: Model-Based Detection of CSRF. 29th IFIP TC 11 International Conference, SEC 2014, Marrakech, Morocco, June 2-4, 2014. Proceedings, Springer Science + Business Media, 2014 mehr…
  • Wüchner, Tobias; Ochoa, Martín; Pretschner, Alexander: Malware detection with quantitative data flow graphs. Proceedings of the 9th ACM Symposium on Information, Computer and Communications Security, Association for Computing Machinery (ACM), 2014 mehr…
  • Wüchner, Tobias; Pretschner, Alexander; Ochoa, Martín: DAVAST. Proceedings of the Eleventh Workshop on Visualization for Cyber Security, Association for Computing Machinery (ACM), 2014 mehr…

2013

  • Acatech (Hrsg.): Internet Privacy – Options for adequate realisation. Springer Science + Business Media, 2013 mehr…
  • Büchler, Matthias: Security Testing with Fault-Models and Properties. Software Testing, Verification and Validation (ICST), 2013 IEEE Sixth International Conference on, Institute of Electrical & Electronics Engineers (IEEE), 2013 mehr…
  • Fromm, Alexander; Kelbert, Florian; Pretschner, Alexander: Data Protection in a Cloud-Enabled Smart Grid. First International Workshop, SmartGridSec 2012, Berlin, Germany, December 3, 2012, Revised Selected Papers, Springer Science + Business Media, 2013 mehr…
  • Kelbert, Florian; Pretschner, Alexander: Data usage control enforcement in distributed systems. Proceedings of the Third ACM Conference on Data and Application Security and Privacy, Association for Computing Machinery (ACM), 2013 mehr…
  • Kumari, Prachi; Pretschner, Alexander: Model-Based Usage Control Policy Derivation. Proceedings of the 5th International Conference on Engineering Secure Software and Systems, Springer Science + Business Media, 2013 mehr…
  • Vigano, Luca: The SPaCIoS Project: Secure Provision and Consumption in the Internet of Services. OWASP AppSec Research, Institute of Electrical & Electronics Engineers (IEEE), 2013 mehr…

2012

  • Büchler, Matthias; Oudinet, Johan; Pretschner, Alexander: Semi-Automatic Security Testing of Web Applications from a Secure Model. Proc. 6th IEEE Intl. Conf. on Software Security and Reliability, Institute of Electrical & Electronics Engineers (IEEE), 2012 mehr…
  • Feth, Denis; Pretschner, Alexander: Flexible Data-Driven Security for Android. Proceedings of the 2012 IEEE Sixth International Conference on Software Security and Reliability, Institute of Electrical & Electronics Engineers (IEEE), 2012 mehr…
  • Kelbert, Florian; Pretschner, Alexander: Towards a policy enforcement infrastructure for distributed usage control. Proceedings of the 17th ACM Symposium on Access Control Models and Technologies, Association for Computing Machinery (ACM), 2012 mehr…
  • Kelbert, Florian; Shirazi, Fatemeh; Simo, Hervais; Wüchner, Tobias; Buchmann, Johannes; Pretschner, Alexander; Waidner, Michael: State of Online Privacy: A Technical Perspective. Springer Science + Business Media, 2012 mehr…
  • Kumari, Prachi; Pretschner, Alexander: Deriving implementation-level policies for usage control enforcement. {Proceedings of the Second ACM Conference on Data and Application Security and Privacy, Association for Computing Machinery (ACM), 2012 mehr…
  • Pretschner, Alexander; Lovat, Enrico; Büchler, Matthias: Representation-Independent Data Usage Control. Proceedings of the 6th International Conference, and 4th International Conference on Data Privacy Management and Autonomous Spontaneus Security, Springer Science + Business Media, 2012 mehr…
  • Wuchner, Tobias; Pretschner, Alexander: Data Loss Prevention Based on Data-Driven Usage Control. Proceedings of the 2012 IEEE 23rd International Symposium on Software Reliability Engineering, Institute of Electrical & Electronics Engineers (IEEE), 2012 mehr…

2011

  • Beckert, B., Hofheinz, D., Müller-Quade, J., Pretschner, A., Snelting, G.: Software Security in Virtualized Infrastructures: The Smart Meter Example. it - Information Technology, 2011 mehr…
  • Cornelius Moucha, Enrico Lovat, and Alexander Pretschner: A virtualized usage control bus system. Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications (JoWUA), 2011 mehr…
  • Kumari, Prachi; Pretschner, Alexander; Peschla, Jonas; Kuhn, Jens-Michael: Distributed data usage control for web applications. Proceedings of the First ACM Conference on Data and Application Security and Privacy, Association for Computing Machinery (ACM), 2011 mehr…
  • Lovat, Enrico; Pretschner, Alexander: Data-centric multi-layer usage control enforcement. Proceedings of the 16th ACM Symposium on Access Control Models and Technologies, Association for Computing Machinery (ACM), 2011 mehr…
  • Moucha, Cornelius; Lovat, Enrico; Pretschner, Alexander: A Hypervisor-Based Bus System for Usage Control. Proceedings of the 2011 Sixth International Conference on Availability, Reliability and Security, Institute of Electrical & Electronics Engineers (IEEE), 2011 mehr…
  • Neisse, Ricardo; Holling, Dominik; Pretschner, Alexander: Implementing Trust in Cloud Infrastructures. Proceedings of the 2011 11th IEEE/ACM International Symposium on Cluster, Cloud and Grid Computing, Institute of Electrical & Electronics Engineers (IEEE), 2011 mehr…
  • Neisse, Ricardo; Pretschner, Alexander; Di Giacomo, Valentina: A Trustworthy Usage Control Enforcement Framework. Proceedings of the 2011 Sixth International Conference on Availability, Reliability and Security, Institute of Electrical & Electronics Engineers (IEEE), 2011 mehr…
  • Prachi Kumari, Florian Kelbert, Alexander Pretschner: Data Protection in Heterogeneous Distributed Systems: A Smart Meter Example. Dependable Software for Critical Infrastructures, 2011 mehr…

2010

  • Prachi Kumari: Requirements Analysis for Privacy in Social Networks. 8th Intl. Workshop for Technical, Economic and Legal Aspects of Business Models for Virtual Goods (VG), 2010 mehr…

2009

  • Gheorghe, Gabriela; Massacci, Fabio; Neuhaus, Stephan; Pretschner, Alexander: GoCoMM: A Governance and Compliance Maturity Model. Proceedings of the First ACM Workshop on Information Security Governance, Association for Computing Machinery (ACM), 2009 mehr…
  • Harvan, Matú; Pretschner, Alexander: State-Based Usage Control Enforcement with Data Flow Tracking using System Call Interposition. Proceedings of the 2009 Third International Conference on Network and System Security, Institute of Electrical & Electronics Engineers (IEEE), 2009 mehr…
  • Pretschner, A., Büchler, M., Harvan, M., Schaefer, C., Walter, T.: Usage Control Enforcement with Data Flow Tracking for X11. 5th Intl. Workshop on Security and Trust Management (STM), 2009 mehr…
  • Pretschner, A.; Schütz, F.; Schaefer, C.; Walter, T.: Policy Evolution in Distributed Usage Control. 4th Intl. Workshop on Security and Trust Management (STM'08), Elsevier BV, 2009, 109-123 mehr…
  • Pretschner, Alexander: An Overview of Distributed Usage Control. 2nd Conf. Knowledge Engineering: Principles and Techniques, 2009 mehr…

2008

  • Lotz, Volkmar; Pigout, Emmanuel; Fischer, Peter M.; Kossmann, Donald; Massacci, Fabio; Pretschner, Alexander: Towards Systematic Achievement of Compliance in Service-Oriented Architectures: The MASTER Approach. J. Wirtschaftsinformatik, Springer Science + Business Media, 2008, 383-391 mehr…
  • Pretschner, A.; Hilty, M.; Basin, D.; Schaefer, C.; Walter, T.: Mechanisms for usage control. Proceedings of the 2008 ACM Symposium on Information, Computer and Communications Security, Association for Computing Machinery (ACM), 2008 mehr…
  • Pretschner, Alexander; Hilty, Manuel; Schütz, Florian; Schaefer, Christian; Walter, Thomas: Usage Control Enforcement: Present and Future. Security Privacy, IEEE, Institute of Electrical & Electronics Engineers (IEEE), 2008, 44-53 mehr…
  • Pretschner, Alexander; Mouelhi, Tejeddine; Traon, Yves Le: Model-Based Tests for Access Control Policies. Proc. 1st International Conference on Software Testing, Verification, and Validation (ICST), Institute of Electrical & Electronics Engineers (IEEE), 2008 mehr…
  • Pretschner, Alexander; Mouelhi, Tejeddine; Traon, Yves Le: Model-Based Tests for Access Control Policies. Proc. 1st International Conference on Software Testing, Verification, and Validation (ICST), Institute of Electrical & Electronics Engineers (IEEE), 2008 mehr…
  • Pretschner, Alexander; Mouelhi, Tejeddine; Traon, Yves Le: Model-Based Tests for Access Control Policies. Proc. 1st International Conference on Software Testing, Verification, and Validation (ICST), Institute of Electrical & Electronics Engineers (IEEE), 2008 mehr…
  • Pretschner, Alexander; Walter, Thomas: Negotiation of Usage Control Policies - Simply the Best? Availability, Reliability and Security, 2008. ARES 08. Third International Conference on Availability, Reliability and Security , Institute of Electrical & Electronics Engineers (IEEE), 2008 mehr…
  • Traon, Yves Le; Mouelhi, Tejeddine; Pretschner, Alexander; Baudry, Benoit: Test-Driven Assessment of Access Control in Legacy Applications. Proc. 1st International Conference on Software Testing, Verification, and Validation (ICST), Institute of Electrical & Electronics Engineers (IEEE), 2008 mehr…
  • Traon, Yves Le; Mouelhi, Tejeddine; Pretschner, Alexander; Baudry, Benoit: Test-Driven Assessment of Access Control in Legacy Applications. Proc. 1st International Conference on Software Testing, Verification, and Validation (ICST), Institute of Electrical & Electronics Engineers (IEEE), 2008 mehr…

2007

  • Berthold, Agreiter; Alam, Muhammad; Breu, Ruth; Hafner, Michael; Pretschner, Alexander; Seifert, Jean-Pierre; Zhang, Xinwen: A technical architecture for enforcing usage control requirements in service-oriented architectures. Proceedings of the 2007 ACM Workshop on Secure Web Services, Association for Computing Machinery (ACM), 2007 mehr…
  • Hilty, M., Pretschner, A., Basin, D.: Verteilte Nutzungskontrolle. digma , 2007 mehr…
  • Hilty, M.; Pretschner, A.; Basin, D.; Schaefer, C.; Walter, T.: Monitors for Usage Control. Proceedings of IFIPTM 2007: Joint iTrust and PST Conferences on Privacy, Trust Management and Security,, Springer Science + Business Media, 2007 mehr…
  • Hilty, M.; Pretschner, A.; Basin, D.; Schaefer, C.; Walter, T.: A Policy Language for Distributed Usage Control. Proceedings of the 12th European Conference on Research in Computer Security, Springer Science + Business Media, 2007 mehr…
  • Hilty, Manuel; Pretschner, Alexander; Schaefer, Christian; Walter, Thomas: DUKE--Distributed Usage Control Enforcement. 8th IEEE International Workshop on Policies for Distributed Systems and Networks (POLICY), Institute of Electrical & Electronics Engineers (IEEE), 2007 mehr…
  • Pretschner, Alexander; Massacci, Fabio; Hilty, Manuel: Usage Control in Service-Oriented Architectures. 4th International Conference, TrustBus 2007, Regensburg, Germany, September 3-7, 2007. Proceedings, Springer Science + Business Media, 2007 mehr…

2006

  • Hilty, Manuel; Pretschner, Alexander; Schaefer, Christian; Schaefer, Christian; Walter, Thomas: Usage Control Requirements in Mobile and Ubiquitous Computing Applications. Systems and Networks Communications, 2006. ICSNC '06. International Conference, Institute of Electrical & Electronics Engineers (IEEE), 2006 mehr…
  • Pretschner, Alexander; Hilty, Manuel; Basin, David: Distributed usage control. Communications of the ACM, Association for Computing Machinery (ACM), 2006, 39 mehr…

2005

  • Hilty, M., Basin, D., Pretschner, A.: On Obligations. 10th European Symp. on Research in Computer Security (ESORICS'05), Springer LNCS , 2005 mehr…