@article{holzinger_kandinsky_2020, title = {{KANDINSKY} {Patterns}: {A} {Swiss}-{Knife} for the {Study} of {Explainable} {AI}}, url = {https://phaidra.fhstp.ac.at/o:4336}, number = {120}, journal = {ERCIM-News}, author = {Holzinger, Andreas and Kieseberg, Peter and Müller, Heimo}, month = jan, year = {2020}, keywords = {Center for Artificial Intelligence, FH SP Cyber Security, FH SP Data Analytics \& Visual Computing, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, SP IT Sec Applied Security \& Data Science, best, ⛔ No DOI found}, pages = {41--42}, } @article{holzinger_can_2018, title = {Can we trust {Machine} {Learning} {Results}? {Artificial} {Intelligence} in {Safety}-{Critical} decision {Support}}, volume = {112}, number = {1}, journal = {ERCIM News}, author = {Holzinger, Katharina and Mak, Klaus and Kieseberg, Peter and Holzinger, Andreas}, year = {2018}, keywords = {Center for Artificial Intelligence, FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, SP IT Sec Applied Security \& Data Science, Wiss. Beitrag, peer-reviewed, ⛔ No DOI found}, pages = {42--43}, } @article{malle_need_2018, title = {The {Need} for {Speed} of {AI} {Applications}: {Performance} {Comparison} of {Native} vs. {Browser}-based {Algorithm} {Implementations}}, shorttitle = {The {Need} for {Speed} of {AI} {Applications}}, url = {http://arxiv.org/abs/1802.03707}, abstract = {AI applications pose increasing demands on performance, so it is not surprising that the era of client-side distributed software is becoming important. On top of many AI applications already using mobile hardware, and even browsers for computationally demanding AI applications, we are already witnessing the emergence of client-side (federated) machine learning algorithms, driven by the interests of large corporations and startups alike. Apart from mathematical and algorithmic concerns, this trend especially demands new levels of computational efficiency from client environments. Consequently, this paper deals with the question of state-of-the-art performance by presenting a comparison study between native code and different browser-based implementations: JavaScript, ASM.js as well as WebAssembly on a representative mix of algorithms. Our results show that current efforts in runtime optimization push the boundaries well towards (and even beyond) native binary performance. We analyze the results obtained and speculate on the reasons behind some surprises, rounding the paper off by outlining future possibilities as well as some of our own research efforts.}, language = {en}, urldate = {2019-01-23}, journal = {arXiv:1802.03707 [cs, stat]}, author = {Malle, Bernd and Giuliani, Nicola and Kieseberg, Peter and Holzinger, Andreas}, month = feb, year = {2018}, note = {arXiv: 1802.03707}, keywords = {Center for Artificial Intelligence, FH SP Data Analytics \& Visual Computing, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, SP IT Sec Applied Security \& Data Science, Wiss. Beitrag, ⛔ No DOI found}, } @article{kieseberg_forensics_2017, title = {Forensics using {Internal} {Database} {Structures}}, url = {http://ercim-news.ercim.eu/images/stories/EN108/EN108-web.pdf}, number = {108}, journal = {ERCIM News}, author = {Kieseberg, Peter and Weippl, Edgar and Schrittwieser, Sebastian}, year = {2017}, note = {Projekt: TARGET}, keywords = {Center for Artificial Intelligence, Department Technologie, FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, Josef Ressel Zentrum TARGET, Publikationstyp Schriftpublikation, peer-reviewed, ⛔ No DOI found}, } @article{kieseberg_forensics_2016, title = {Forensics using {Internal} {Database} {Structures}}, number = {108}, journal = {ERCIM News}, author = {Kieseberg, Peter and Weippl, Edgar and Schrittwieser, Sebastian}, year = {2016}, note = {Projekt: TARGET}, keywords = {Department Technologie, FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, Josef Ressel Zentrum TARGET, Publikationstyp Schriftpublikation, peer-reviewed, ⛔ No DOI found}, } @article{kieseberg_security_2017, title = {Security {Testing} for {Mobile} {Applications}}, volume = {109}, url = {https://www.sba-research.org/wp-content/uploads/publications/201704 - KIESEBERG - Pages from EN109-web.pdf}, journal = {ERCIM News}, author = {Kieseberg, Peter and Frühwirt, Peter and Schrittwieser, Sebastian}, year = {2017}, note = {Projekt: TARGET}, keywords = {Center for Artificial Intelligence, Department Technologie, FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, Josef Ressel Zentrum TARGET, Publikationstyp Schriftpublikation, peer-reviewed, ⛔ No DOI found}, pages = {52--53}, } @article{malle_privacy_2016, title = {Privacy {Aware} {Machine} {Learning} and the {Right} to be {Forgotten}}, number = {107}, journal = {ERCIM News}, author = {Malle, Bernd and Kieseberg, Peter and Schrittwieser, Sebastian and Holzinger, Andreas}, year = {2016}, note = {Projekt: TARGET}, keywords = {Center for Artificial Intelligence, Center for Digital Health Innovation, Department Technologie, FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, Josef Ressel Zentrum TARGET, Publikationstyp Schriftpublikation, peer-reviewed, ⛔ No DOI found}, } @article{kieseberg_detection_2016, title = {Detection of {Data} {Leaks} in {Collaborative} {Data} {Driven} {Research}}, number = {105}, journal = {ERCIM News}, author = {Kieseberg, Peter and Weippl, Edgar and Schrittwieser, Sebastian}, year = {2016}, note = {Projekt: TARGET}, keywords = {Center for Artificial Intelligence, Department Technologie, FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, Josef Ressel Zentrum TARGET, Publikationstyp Schriftpublikation, peer-reviewed, ⛔ No DOI found}, } @article{kieseberg_distortion_2019, title = {Distortion in {Real}-{World} {Analytic} {Processes}}, volume = {118}, journal = {ERCIM News}, author = {Kieseberg, Peter and Klausner, Lukas Daniel and Holzinger, Andreas}, year = {2019}, keywords = {Center for Artificial Intelligence, FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, SP IT Sec Applied Security \& Data Science, Wiss. Beitrag, ⛔ No DOI found}, pages = {49--50}, } @article{kieseberg_algorithm_2014, title = {An algorithm for collusion-resistant anonymization and fingerprinting of sensitive microdata}, journal = {Special Issue on Security and Privacy in Business Networking}, author = {Kieseberg, Peter and Schrittwieser, Sebastian and Mulazzani, Martin and Echizen, Isao and Weippl, Edgar}, year = {2014}, keywords = {Center for Artificial Intelligence, Department Technologie, FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, Publikationstyp Schriftpublikation, SP IT Sec Security Management \& Privacy, peer-reviewed, ⛔ No DOI found}, } @inproceedings{kieseberg_security_2015, title = {Security tests for mobile applications - {Why} using {TLS} or {SSL} is not enough}, doi = {10/gnt2t7}, booktitle = {2015 {IEEE} {Eighth} {International} {Conference} on {Software} {Testing}, {Verification} and {Validation} {Workshops} ({ICSTW})}, author = {Kieseberg, Peter and Fruehwirt, Peter and Schrittwieser, Sebastian and Weippl, Edgar R.}, year = {2015}, keywords = {Center for Artificial Intelligence, Department Technologie, FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, Publikationstyp Schriftpublikation, SP IT Sec System \& Application Security, peer-reviewed}, } @inproceedings{fruehwirt_innodb_2014, title = {{InnoDB} {Datenbank} {Forensik} – {Rekonstruktion} von {Abfragen} über {Datenbank}-interne {Logfiles}}, booktitle = {{GI} {Sicherheit} 2014}, author = {Fruehwirt, Peter and Kieseberg, Peter and Hochreiner, Christoph and Schrittwieser, Sebastian and Weippl, Edgar}, year = {2014}, keywords = {Center for Artificial Intelligence, Department Technologie, FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, Publikationstyp Präsentation, Publikationstyp Schriftpublikation, SP IT Sec System \& Application Security, peer-reviewed, ⛔ No DOI found}, } @inproceedings{fadai_trust_2015, title = {Trust me, {I} am a {Root} {CA}! {Analyzing} {SSL} {Root} {CAs} in modern {Browsers} and {Operating} {Systems}}, booktitle = {International {Conference} on {Availability}, {Reliability} and {Security} ({ARES})}, author = {Fadai, Tariq and Schrittwieser, Sebastian and Kieseberg, Peter and Mulazzani, Martin}, year = {2015}, keywords = {Center for Artificial Intelligence, Department Technologie, FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, Publikationstyp Schriftpublikation, SP IT Sec System \& Application Security, peer-reviewed, ⛔ No DOI found}, } @article{kieseberg_testen_2017, title = {Das {Testen} von {Algorithmen} in sensibler datengetriebener {Forschung}}, url = {http://fa-wi-maw.gi.de/fileadmin/gliederungen/fg-maw/Rundbriefe/GI_Rundbrief_41_JG23_Online.pdf}, journal = {Rundbrief des Fachausschusses Management der Anwendungsentwicklung und -wartung (WI-MAW)}, author = {Kieseberg, Peter and Schrittwieser, Sebastian and Malle, Bernd and Weippl, Edgar}, year = {2017}, keywords = {Center for Artificial Intelligence, Department Technologie, FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, Josef Ressel Zentrum TARGET, Publikationstyp Schriftpublikation, SP IT Sec Applied Security \& Data Science, peer-reviewed, ⛔ No DOI found}, } @inproceedings{kieseberg_real-time_2017, title = {Real-time {Forensics} through {Endpoint} {Visibility}}, url = {https://www.sba-research.org/wp-content/uploads/publications/fleetForensics.pdf}, author = {Kieseberg, Peter and Neuner, Sebastian and Schrittwieser, Sebastian and Schmiedecker, Martin}, year = {2017}, keywords = {Center for Artificial Intelligence, Department Technologie, FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, Josef Ressel Zentrum TARGET, Publikationstyp Schriftpublikation, SP IT Sec Security Management \& Privacy, peer-reviewed, ⛔ No DOI found}, } @inproceedings{amiri_machine_2018, address = {Porto, Portugal}, title = {A {Machine} {Learning} {Approach} for {Privacy}-preservation in {E}-business {Applications}:}, isbn = {978-989-758-319-3}, shorttitle = {A {Machine} {Learning} {Approach} for {Privacy}-preservation in {E}-business {Applications}}, url = {http://www.scitepress.org/DigitalLibrary/Link.aspx?doi=10.5220/0006826304430452}, doi = {10/gh38cd}, language = {en}, urldate = {2019-01-23}, booktitle = {Proceedings of the 15th {International} {Joint} {Conference} on e-{Business} and {Telecommunications}}, publisher = {SCITEPRESS - Science and Technology Publications}, author = {Amiri, Fatemeh and Quirchmayr, Gerald and Kieseberg, Peter}, year = {2018}, keywords = {Center for Artificial Intelligence, FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, SP IT Sec Security Management \& Privacy, best, peer-reviewed}, pages = {443--452}, } @inproceedings{rottermanner_privacy_2015, title = {Privacy and {Data} {Protection} in {Smartphone} {Messengers}}, doi = {10/gh3746}, booktitle = {Proceedings of the 17th {International} {Conference} on {Information} {Integration} and {Web}-based {Applications} {Services} ({iiWAS2015})}, author = {Rottermanner, C and Kieseberg, Peter and Huber, Markus and Schmiedecker, M and Schrittwieser, Sebastian}, year = {2015}, note = {Projekt: TARGET}, keywords = {Center for Artificial Intelligence, Department Technologie, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, Publikationstyp Schriftpublikation}, } @inproceedings{mueller_security_2015, title = {Security and privacy of smartphone messaging applications}, volume = {11}, doi = {10/gh372v}, booktitle = {International {Journal} of {Pervasive} {Computing} and {Communications}}, author = {Mueller, Robin and Schrittwieser, Sebastian and Fruehwirt, Peter and Kieseberg, Peter and Weippl, Edgar}, year = {2015}, keywords = {Center for Artificial Intelligence, Department Technologie, FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, Publikationstyp Schriftpublikation, SP IT Sec System \& Application Security, peer-reviewed}, } @inproceedings{kieseberg_structural_2018, address = {Ljubljana, Slovenia}, title = {Structural {Limitations} of {B}+-{Tree} forensics}, isbn = {978-1-4503-6515-4}, url = {http://dl.acm.org/citation.cfm?doid=3277570.3277579}, doi = {10/gh372c}, abstract = {Despite the importance of databases in virtually all data driven applications, database forensics is still not the thriving topic it ought to be. Many database management systems (DBMSs) structure the data in the form of trees, most notably B+-Trees. Since the tree structure is depending on the characteristics of the INSERT-order, it can be used in order to generate information on later manipulations, as was shown in a previously published approach.}, language = {en}, urldate = {2019-01-23}, booktitle = {Proceedings of the {Central} {European} {Cybersecurity} {Conference} 2018 on - {CECC} 2018}, publisher = {ACM Press}, author = {Kieseberg, Peter and Schrittwieser, Sebastian and Weippl, Edgar}, year = {2018}, keywords = {Center for Artificial Intelligence, FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, Vortrag, best, peer-reviewed}, pages = {1--4}, } @incollection{holzinger_explainable_2018, address = {Cham}, title = {Explainable {AI}: {The} {New} 42?}, volume = {11015}, isbn = {978-3-319-99739-1 978-3-319-99740-7}, shorttitle = {Explainable {AI}}, url = {http://link.springer.com/10.1007/978-3-319-99740-7_21}, abstract = {Explainable AI is not a new field. Since at least the early exploitation of C.S. Pierce’s abductive reasoning in expert systems of the 1980s, there were reasoning architectures to support an explanation function for complex AI systems, including applications in medical diagnosis, complex multi-component design, and reasoning about the real world. So explainability is at least as old as early AI, and a natural consequence of the design of AI systems. While early expert systems consisted of handcrafted knowledge bases that enabled reasoning over narrowly well-defined domains (e.g., INTERNIST, MYCIN), such systems had no learning capabilities and had only primitive uncertainty handling. But the evolution of formal reasoning architectures to incorporate principled probabilistic reasoning helped address the capture and use of uncertain knowledge.}, language = {en}, urldate = {2019-01-23}, booktitle = {Machine {Learning} and {Knowledge} {Extraction}}, publisher = {Springer International Publishing}, author = {Goebel, Randy and Chander, Ajay and Holzinger, Katharina and Lecue, Freddy and Akata, Zeynep and Stumpf, Simone and Kieseberg, Peter and Holzinger, Andreas}, editor = {Holzinger, Andreas and Kieseberg, Peter and Tjoa, A Min and Weippl, Edgar}, year = {2018}, doi = {10.1007/978-3-319-99740-7_21}, keywords = {Center for Artificial Intelligence, Center for Digital Health Innovation, FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, SP IT Sec Security Management \& Privacy, best, peer-reviewed}, pages = {295--303}, } @inproceedings{amiri_efficiently_2019, address = {Lissabon}, title = {Efficiently {Vectorized} {Anonymization} in {Data} {Mining} using {Genetic} {Algorithms}}, volume = {Proceedings of the 34th International Conference on ICT Systems Security and Privacy Protection - IFIP SEC 2019}, author = {Amiri, Fatemeh and Quirchmayr, Gerald and Kieseberg, Peter and Bertone, Alessio and Weippl, Edgar}, month = jun, year = {2019}, keywords = {Center for Artificial Intelligence, FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, SP IT Sec Applied Security \& Data Science, Vortrag, best, peer-reviewed}, } @incollection{holzinger_current_2018, address = {Cham}, title = {Current {Advances}, {Trends} and {Challenges} of {Machine} {Learning} and {Knowledge} {Extraction}: {From} {Machine} {Learning} to {Explainable} {AI}}, volume = {11015}, isbn = {978-3-319-99739-1 978-3-319-99740-7}, shorttitle = {Current {Advances}, {Trends} and {Challenges} of {Machine} {Learning} and {Knowledge} {Extraction}}, url = {http://link.springer.com/10.1007/978-3-319-99740-7_1}, abstract = {In this short editorial we present some thoughts on present and future trends in Artificial Intelligence (AI) generally, and Machine Learning (ML) specifically. Due to the huge ongoing success in machine learning, particularly in statistical learning from big data, there is rising interest of academia, industry and the public in this field. Industry is investing heavily in AI, and spin-offs and start-ups are emerging on an unprecedented rate. The European Union is allocating a lot of additional funding into AI research grants, and various institutions are calling for a joint European AI research institute. Even universities are taking AI/ML into their curricula and strategic plans. Finally, even the people on the street talk about it, and if grandma knows what her grandson is doing in his new start-up, then the time is ripe: We are reaching a new AI spring. However, as fantastic current approaches seem to be, there are still huge problems to be solved: the best performing models lack transparency, hence are considered to be black boxes. The general and worldwide trends in privacy, data protection, safety and security make such black box solutions difficult to use in practice. Specifically in Europe, where the new General Data Protection Regulation (GDPR) came into effect on May, 28, 2018 which affects everybody (right of explanation). Consequently, a previous niche field for many years, explainable AI, explodes in importance. For the future, we envision a fruitful marriage between classic logical approaches (ontologies) with statistical approaches which may lead to context-adaptive systems (stochastic ontologies) that might work similar as the human brain.}, language = {en}, urldate = {2019-01-23}, booktitle = {Machine {Learning} and {Knowledge} {Extraction}}, publisher = {Springer International Publishing}, author = {Holzinger, Andreas and Kieseberg, Peter and Weippl, Edgar and Tjoa, A Min}, editor = {Holzinger, Andreas and Kieseberg, Peter and Tjoa, A Min and Weippl, Edgar}, year = {2018}, doi = {10.1007/978-3-319-99740-7_1}, keywords = {Center for Artificial Intelligence, Center for Digital Health Innovation, FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, SP IT Sec Applied Security \& Data Science, best, peer-reviewed}, pages = {1--8}, } @misc{kieseberg_sicheres_2020, title = {Sicheres gemeinsames {Arbeiten} an {Dokumenten}}, url = {https://www.youtube.com/channel/UCPNzC6shWnNmveD_8VoiMxg}, author = {Kieseberg, Peter}, month = aug, year = {2020}, keywords = {FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, SP IT Sec Applied Security \& Data Science}, } @misc{kieseberg_sichere_2020, title = {Sichere {Audio}- \& {Videokonferenzen}}, url = {https://www.youtube.com/channel/UCPNzC6shWnNmveD_8VoiMxg}, author = {Kieseberg, Peter}, month = apr, year = {2020}, keywords = {FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, SP IT Sec Applied Security \& Data Science}, } @misc{kieseberg_hardware-_2020, title = {Hardware- \& {Softwareanforderungen} an sicheres {Homeoffice}}, url = {https://www.youtube.com/channel/UCPNzC6shWnNmveD_8VoiMxg}, author = {Kieseberg, Peter}, month = apr, year = {2020}, keywords = {FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, SP IT Sec Applied Security \& Data Science}, } @incollection{kieseberg_securing_2019, address = {Cham}, title = {Securing {Information} {Against} {Manipulation} in the {Production} {Systems} {Engineering} {Process}}, isbn = {978-3-030-25312-7}, url = {https://doi.org/10.1007/978-3-030-25312-7_12}, abstract = {Modern engineering projects often include extensive cooperation with partners as well as external experts, either due to specific knowledge required that cannot be acquired otherwise or even due to rules and regulations that have to be obeyed to enter a specific market. Still, Production Systems Engineering (PSE) processes contain significant intrinsic and explicit knowledge that is a key resource of a partner. Therefore, the partners in such a collaborative process need to protect their vital knowledge assets while still being forced to share much of the information, thus rendering proactive solutions for information protection infeasible. Information fingerprinting has been used as a reactive measure in many data-based information processes. While fingerprinting does not hinder unsolicited information exchange, fingerprinting techniques can be used to prove ownership of information and to determine the leaking partner. In addition, expert information is integrated into the overall process, requiring means to hold single participants responsible for errors and/or other issues. Still, in current environments, manipulation of information is largely possible. This becomes especially problematic in cases where the expert information is used as input in intelligent algorithms, thus rendering any chance of simple detection impossible, even for the expert originally entering the information. In this chapter, we adopt an approach for providing information integrity in the so-called doctor in the loop Holzinger (Brain Inform 3(2):119–131, 2016) systems in order to fit the PSE process and its special requirements and combine it with fingerprinting methods for protecting the ownership of vital information assets. Furthermore, we extend this approach to not only control data manipulation but also access to sensitive information. In order to further mitigate attacks targeting data exfiltration, we provide two new approaches for logging SELECT-queries in a way that cannot be manipulated even by attacks in the possession of administrator privileges.}, booktitle = {Security and {Quality} in {Cyber}-{Physical} {Systems} {Engineering}: {With} {Forewords} by {Robert} {M}. {Lee} and {Tom} {Gilb}}, publisher = {Springer International Publishing}, author = {Kieseberg, Peter and Weippl, Edgar}, editor = {Biffl, Stefan and Eckhart, Matthias and Lüder, Arndt and Weippl, Edgar}, year = {2019}, doi = {10.1007/978-3-030-25312-7_12}, keywords = {Center for Artificial Intelligence, FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, SP IT Sec System \& Application Security, peer-reviewed}, pages = {335--356}, } @misc{kieseberg_josef_2019, address = {FH St. Pölten}, title = {Josef {Ressel} {Zentrum} für {Blockchain}-{Technologien} \& {Sicherheitsmanagement} - {Offizielle} {Eröffnung}}, author = {Kieseberg, Peter}, month = aug, year = {2019}, keywords = {FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, SP IT Sec System \& Application Security}, } @misc{kieseberg_jr_2019, address = {A1}, title = {{JR} {Center} for {Blockchain} {Technologies} \& {Security} {Management}}, author = {Kieseberg, Peter}, month = may, year = {2019}, keywords = {FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, SP IT Sec System \& Application Security}, } @misc{kieseberg_keynote_2019, address = {Canterbury, United Kingdom}, type = {invited talk}, title = {Keynote: {Authentication} of the future - a challenge to privacy?}, author = {Kieseberg, Peter}, month = aug, year = {2019}, keywords = {FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, SP IT Sec Security Management \& Privacy}, } @misc{kieseberg_coineater_2019, title = {Coineater – {Automatische} {Erkennung} von {Cryptojacking}}, author = {Kieseberg, Peter}, month = may, year = {2019}, keywords = {FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, SP IT Sec System \& Application Security}, } @misc{kieseberg_privacy_2019, address = {Novomatic Forum, Vienna, Austria}, title = {Privacy {Aware} {Machine} {Learning} in {Health} {Informatics}}, author = {Kieseberg, Peter}, month = may, year = {2019}, keywords = {FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, SP IT Sec Applied Security \& Data Science}, } @misc{kieseberg_dsgvo_2019, address = {FH Wiener Neustadt}, title = {Die {DSGVO} und das {Problem} der {Löschung} von {Daten} in {Datenbanken}}, author = {Kieseberg, Peter}, month = apr, year = {2019}, keywords = {FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, SP IT Sec Security Management \& Privacy, peer-reviewed}, } @misc{kieseberg_darknet_2019, address = {Planetarium Wien}, title = {Das {Darknet}}, author = {Kieseberg, Peter}, month = mar, year = {2019}, keywords = {FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, SP IT Sec Security Management \& Privacy}, } @misc{kieseberg_federated_2019, address = {Fachhochschule St. Pölten}, title = {Federated {Machine} {Learning} in {Health} {Informatics}}, author = {Kieseberg, Peter}, month = feb, year = {2019}, keywords = {FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, SP IT Sec Applied Security \& Data Science}, } @misc{kieseberg_privacy_2019-1, address = {FH St. Pölten}, title = {Privacy {Diskussion}: {Wie} viel sind {Sie} wert?}, author = {Kieseberg, Peter}, month = jan, year = {2019}, keywords = {FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, SP IT Sec Security Management \& Privacy}, } @misc{kieseberg_bitcoin_2019, address = {Fachhochschule St. Pölten}, title = {Bitcoin vs. {Blockchain}}, author = {Kieseberg, Peter}, month = jan, year = {2019}, keywords = {FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, SP IT Sec System \& Application Security}, } @inproceedings{winkler_towards_2019, address = {Vienna, Austria}, series = {{LNBIP}}, title = {Towards a {Flexible} and {Secure} {Round}-{Trip}-{Engineering} {Process} for {Production} {Systems} {Engineering} with {Agile} {Practices}}, volume = {LNBIP 338}, isbn = {978-3-030-05766-4}, abstract = {In Production Systems Engineering (PSE), many projects conceptually follow the plan of traditional waterfall processes with sequential process steps, while engineers actually work in parallel and distributed groups following a Round-Trip-Engineering (RTE) process. RTE processes focus on concurrent engineering plan updates along the engineering process. Thus, there is a need for frequent synchronization in a secure way to enable engineers building on a stable and baseline of engineering data. Unfortunately, the applied RTE process in PSE is coarse-grained, i.e., often data are exchanged via E-Mail and integrated seldom and inefficiently as the RTE process is not well supported by methods and tools that facilitate efficient data exchange. In this paper, we introduce and initially evaluate an efficient and secure RTE process for PSE, augmented with agile practices from business informatics, and discuss security concerns and risks. First results show that the augmented RTE process can provide strong benefits from agile practices for the collaboration of engineers. Security practices can be added but need to be balanced well regarding sufficient mitigation of security risks and extra effort for engineers to ensure an overall benefit to both engineers and the management.}, language = {English}, booktitle = {Software {Quality} - {The} complexity and challenges of {Software} {Engineering} and {Software} {Quality} in the {Cloud}}, publisher = {Springer}, author = {Winkler, Dietmar and Rinker, Felix and Kieseberg, Peter}, month = jan, year = {2019}, keywords = {Center for Artificial Intelligence, FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, Publikationstyp Konferenz-Paper, Vortrag, peer-reviewed}, pages = {14--130}, } @inproceedings{amiri_towards_2019, address = {Luxemburg}, title = {Towards {Data} {Anonymization} in {Data} {Mining} via {Meta}-heuristic {Approaches}}, abstract = {In this paper, a meta-heuristics model proposed to protect the confidentiality of data through anonymization. The aim is to minimize information loss as well as the maximization of privacy protection using Genetic algorithms and fuzzy sets. As a case study, Kohonen Maps put in practice through Self Organizing Map (SOM) applied to test the validity of the proposed model. SOM suffers from some privacy gaps and also demands a computationally, highly complex task. The experimental results show an improvement of protection of sensitive data without compromising cluster quality and optimality.}, booktitle = {Data {Privacy} {Management}, {Cryptocurrencies} and {Blockchain} {Technology}}, publisher = {Springer, Cham}, author = {Amiri, Fatemeh and Quirchmayr, Gerald and Kieseberg, Peter and Weippl, Egdar and Bertone, Alessio}, month = sep, year = {2019}, keywords = {Center for Artificial Intelligence, FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, SP IT Sec Applied Security \& Data Science, Vortrag, peer-reviewed}, pages = {39--48}, } @misc{kieseberg_datenschutzmanagement_2018, address = {Donau-Uni Krems}, title = {Datenschutzmanagement und - organisation}, author = {Kieseberg, Peter}, month = apr, year = {2018}, keywords = {FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, SP IT Sec Security Management \& Privacy, Vortrag}, } @misc{kieseberg_digitale_2018, address = {FH Wr. Neustadt}, title = {Digitale {Forensik}}, author = {Kieseberg, Peter}, month = jan, year = {2018}, keywords = {FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, SP IT Sec Security Management \& Privacy, Vortrag}, } @article{kieseberg_data_2018, title = {Data {Literacy}}, journal = {ÖKZ}, author = {Kieseberg, Peter}, month = jan, year = {2018}, keywords = {Center for Artificial Intelligence, FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, SP IT Sec Security Management \& Privacy}, } @misc{kieseberg_darknet_2018, address = {Vienna, VHS Urania}, title = {Das {Darknet}}, author = {Kieseberg, Peter}, month = nov, year = {2018}, keywords = {FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, SP IT Sec Security Management \& Privacy, Vortrag}, } @misc{kieseberg_privacy_2018, address = {FH St. Pölten}, title = {Privacy {Diskussion}: {Wie} viel sind {Sie} wert?}, author = {Kieseberg, Peter}, month = jan, year = {2018}, keywords = {FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, SP IT Sec Security Management \& Privacy, Vortrag}, } @incollection{kaundert_evaluierung_2018, title = {Evaluierung des {Cyber} {Lagebildkonzepts} im praktischen {Einsatz}}, abstract = {Der im Rahmen des CISA Projektes erstellte technische Demonstrator wurde in einer eintägigen, iterativen Planspielübung analysiert und für einen möglichen Realeinsatz evaluiert. Die praktische Anwendung des Demonstrators durch die Teilnehmenden stellte einen Abgleich der entwickelten Cyber Incident Situational Awareness (CISA) -Definition mit einer möglichen Anwendungsrealität dar und agierte als Feuerprobe für die Nützlichkeit der dargestellten Datentypen und -verknüpfungen zur Lagebeurteilung durch Identifikation von Schwachstellen in den verwendeten Visualisierungsoptionen. Diese Tauglichkeitsprüfung soll zur Schärfung der Bedürfnisse – einerseits für die Nutzung von Daten zur Lagebeurteilung, andererseits für die Schulung zukünftiger Operateure – beitragen.}, booktitle = {Cyber {Situational} {Awareness} in {Public}-{Private}-{Partnerships}}, publisher = {Springer Vieweg, Berlin, Heidelberg}, author = {Kaundert, Miriam and Ziegler, Louis and Pahi, Timea and Skopik, Florian and Leitner, Maria and Kieseberg, Peter and Schwanzer, Bernhard and Ampia-Addison, John Kojo}, year = {2018}, keywords = {Center for Artificial Intelligence, Extern}, pages = {293--344}, } @incollection{kieseberg_informationsanalysekonzept_2018, title = {Informationsanalysekonzept zur {Erstellung} von {Cyber}-{Lagebildern} in {PPPs}}, abstract = {Jedes informationsverarbeitende System ist in seiner Qualität sehr stark von der Verarbeitung der gesammelten Informationen abhängig. Speziell zur Konstruktion eines sinnvollen Lagebilds ist die Bewertung und Aggregierung von Daten von besonderer Bedeutung, um Muster und Gemeinsamkeiten scheinbar isolierter Incidents erkennen und darstellen zu können. Zusätzlich wird durch die potenzielle Einbindung automatisiert gesammelter Informationen, wie bspw. durch Sensoren in kritischen Netzabschnitten und wichtigen Infrastrukturen, die Informationsmenge exponentiell erhöht. Im Rahmen dieses Kapitels stellen wir eine Architektur vor, die den Ansprüchen eines modernen Lagezentrums genügt, wobei auch auf österreichische Spezifika, wie die Einbindung von sog. „First Respondern“, Rücksicht genommen wird.}, booktitle = {Cyber {Situational} {Awareness} in {Public}-{Private}-{Partnerships}}, publisher = {Springer Vieweg, Berlin, Heidelberg}, author = {Kieseberg, Peter and Skopik, Florian and Pahi, Timea and Leitner, Maria and Fiedler, Roman}, year = {2018}, keywords = {Center for Artificial Intelligence, Extern}, pages = {237--291}, } @incollection{pahi_erhebung_2018, title = {Erhebung von {Informations}-und {Datenquellen} für {Cyber}-{Lagebilder}}, abstract = {Ein Cyber-Lagezentrum ist eine zentrale Organisationseinheit, in der alle relevanten Informationen über Sicherheitsvorfälle zur Aufarbeitung und Bewertung zusammenlaufen. In diesem Zusammenhang sind die richtigen Informations- und Datenquellen unverzichtbare Bestandteile bei der Erstellung von Cyber-Lagebildern. Durch die Auswertung von zahlreichen Informationen und Daten kann das Situationsbewusstsein über den Zustand kritischer und wesentlicher Infrastrukturen auf unterschiedlichen Ebenen entstehen. Dazu ist es essenziell, die relevanten Quellen nutzbar zu machen. Die Etablierung der Lagebilder benötigt die Kombination und Korrelation eines breiten Spektrums unterschiedlicher Daten. Daher wird in diesem Kapitel eine Kategorisierung von Informationen und Daten für Cyber-Lagebilder eingeführt. Informationen werden entweder zum Kernlagebild oder zum Kontext gezählt.}, booktitle = {Cyber {Situational} {Awareness} in {Public}-{Private}-{Partnerships}}, publisher = {Springer Vieweg, Berlin, Heidelberg}, author = {Pahi, Timea and Skopik, Florian and Kieseberg, Peter and Leitner, Maria}, year = {2018}, keywords = {Center for Artificial Intelligence, Extern}, pages = {191--236}, } @inproceedings{kieseberg_security_2018, title = {Security {Challenges} in {Cyber}-{Phyiscal} {Production} {Systems}}, abstract = {Within the last decade, Security became a major focus in the traditional IT-Industry, mainly through the interconnection of systems and especially through the connection to the Internet, especially for reasons of introducing new services and products. This opened up a huge new attack surface, which resulted in major takedowns of legitimate services and new forms of crime and destruction. This led to the development of a multitude of new defense mechanisms and strategies, as well as the establishing of Security procedures on both, organizational and technical level. Production Systems have mostly remained in isolation during these past years, with security typically focused on the perimeter. Now, with the introduction of new paradigms like Industry 4.0, this isolation is questioned heavily with Physical Production Systems now connected to an IT-world resulting in cyber-physical systems sharing the attack surface of traditional web based interfaces while featuring completely different goals, parameters like lifetime and safety, as well as construction. In this work, we present an outline on the major security challenges faced by cyber-physical production systems. While many of these challenges harken back to issues also present in traditional web based IT, we will thoroughly analyze the differences. Still, many new attack vectors appeared in the past, either in practical attacks like Stuxnet, or in theoretical work. These attack vectors use specific features or design elements of cyber-physical systems to their advantage and are unparalleled in traditional IT. Furthermore, many mitigation strategies prevalent in traditional IT systems are not applicable in the industrial world, e.g. patching, thus, rendering traditional strategies in IT-Security unfeasible. A through discussion of the major challenges in CPPS-Security is thus required in order to focus research on the most important targets.}, language = {en}, publisher = {Springer, Cham}, author = {Kieseberg, Peter and Weippl, Edgar}, month = jan, year = {2018}, keywords = {Center for Artificial Intelligence, Extern, peer-reviewed}, pages = {14}, } @inproceedings{amiri_sensitive_2018, address = {Venice, Italy}, title = {Sensitive {Data} {Anonymization} {Using} {Genetic} {Algorithms} for {SOM}-based {Clustering}}, isbn = {978-1-61208-661-3}, abstract = {Improving privacy protection by using smart methods has become a major focus in current research. However, despite all the technological compensations through analyzing privacy concerns, the literature does not yet provide evidence of frameworks and methods that enable privacy protection from multiple perspectives and take into account the privacy of sensitive data with regard to accuracy and efficiency of the general processes in the system. In our work, we focus on sensitive data protection based on the idea of a Self-Organizing Map (SOM) and try to anonymize sensitive data with Genetic Algorithms (GAs) techniques in order to improve privacy without significantly deteriorating the accuracy and efficiency of the overall process. We organize the dataset in subspaces according to their information theoretical distance to each other in distributed local servers and then generalize attribute values to the minimum extent required so that both the data disclosure probability and the information loss are kept to a negligible minimum. Our analysis shows that our protocol offers clustering without greatly exposing individual privacy and causes only negligible superfluous costs and information loss because of privacy requirements.}, language = {en}, publisher = {IARIA}, author = {Amiri, Fatemeh and Quirchmayr, Gerald and Kieseberg, Peter}, month = sep, year = {2018}, keywords = {Center for Artificial Intelligence, Center for Digital Health Innovation, FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, SP IT Sec Security Management \& Privacy, peer-reviewed}, pages = {9}, } @book{cd-make_machine_2018, address = {Cham}, series = {Lecture notes in computer science}, title = {Machine learning and knowledge extraction: {Second} {IFIP} {TC} 5, {TC} 8/{WG} 8.4, 8.9, {TC} 12.9, {International} {Cross}-{Domain} {Conference}, {CD}-{MAKE} 2018, {Hamburg}, {Germany}, {August} 27–30, 2018: proceedings}, isbn = {978-3-319-99739-1 978-3-319-99740-7}, shorttitle = {Machine learning and knowledge extraction}, language = {en}, number = {11015}, publisher = {Springer}, author = {CD-MAKE}, editor = {Holzinger, Andreas and Kieseberg, Peter and Tjoa, A. Min and Weippl, Edgar R.}, collaborator = {International Federation for Information Processing and International Federation for Information Processing and International Federation for Information Processing}, year = {2018}, note = {OCLC: 1053827318}, keywords = {Center for Digital Health Innovation, FH SP Cyber Security, FH SP Data Analytics \& Visual Computing, Institut für IT Sicherheitsforschung, SP IT Sec Applied Security \& Data Science, best, peer-reviewed}, }