@article{holzinger_can_2018, title = {Can we trust {Machine} {Learning} {Results}? {Artificial} {Intelligence} in {Safety}-{Critical} decision {Support}}, volume = {112}, number = {1}, journal = {ERCIM News}, author = {Holzinger, Katharina and Mak, Klaus and Kieseberg, Peter and Holzinger, Andreas}, year = {2018}, keywords = {Center for Artificial Intelligence, FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, SP IT Sec Applied Security \& Data Science, Wiss. Beitrag, peer-reviewed, ⛔ No DOI found}, pages = {42--43}, } @article{malle_need_2018, title = {The {Need} for {Speed} of {AI} {Applications}: {Performance} {Comparison} of {Native} vs. {Browser}-based {Algorithm} {Implementations}}, shorttitle = {The {Need} for {Speed} of {AI} {Applications}}, url = {http://arxiv.org/abs/1802.03707}, abstract = {AI applications pose increasing demands on performance, so it is not surprising that the era of client-side distributed software is becoming important. On top of many AI applications already using mobile hardware, and even browsers for computationally demanding AI applications, we are already witnessing the emergence of client-side (federated) machine learning algorithms, driven by the interests of large corporations and startups alike. Apart from mathematical and algorithmic concerns, this trend especially demands new levels of computational efficiency from client environments. Consequently, this paper deals with the question of state-of-the-art performance by presenting a comparison study between native code and different browser-based implementations: JavaScript, ASM.js as well as WebAssembly on a representative mix of algorithms. Our results show that current efforts in runtime optimization push the boundaries well towards (and even beyond) native binary performance. We analyze the results obtained and speculate on the reasons behind some surprises, rounding the paper off by outlining future possibilities as well as some of our own research efforts.}, language = {en}, urldate = {2019-01-23}, journal = {arXiv:1802.03707 [cs, stat]}, author = {Malle, Bernd and Giuliani, Nicola and Kieseberg, Peter and Holzinger, Andreas}, month = feb, year = {2018}, note = {arXiv: 1802.03707}, keywords = {Center for Artificial Intelligence, FH SP Data Analytics \& Visual Computing, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, SP IT Sec Applied Security \& Data Science, Wiss. Beitrag, ⛔ No DOI found}, } @article{kieseberg_forensics_2017, title = {Forensics using {Internal} {Database} {Structures}}, url = {http://ercim-news.ercim.eu/images/stories/EN108/EN108-web.pdf}, number = {108}, journal = {ERCIM News}, author = {Kieseberg, Peter and Weippl, Edgar and Schrittwieser, Sebastian}, year = {2017}, note = {Projekt: TARGET}, keywords = {Center for Artificial Intelligence, Department Technologie, FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, Josef Ressel Zentrum TARGET, Publikationstyp Schriftpublikation, peer-reviewed, ⛔ No DOI found}, } @article{kieseberg_forensics_2016, title = {Forensics using {Internal} {Database} {Structures}}, number = {108}, journal = {ERCIM News}, author = {Kieseberg, Peter and Weippl, Edgar and Schrittwieser, Sebastian}, year = {2016}, note = {Projekt: TARGET}, keywords = {Department Technologie, FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, Josef Ressel Zentrum TARGET, Publikationstyp Schriftpublikation, peer-reviewed, ⛔ No DOI found}, } @article{kieseberg_security_2017, title = {Security {Testing} for {Mobile} {Applications}}, volume = {109}, url = {https://www.sba-research.org/wp-content/uploads/publications/201704 - KIESEBERG - Pages from EN109-web.pdf}, journal = {ERCIM News}, author = {Kieseberg, Peter and Frühwirt, Peter and Schrittwieser, Sebastian}, year = {2017}, note = {Projekt: TARGET}, keywords = {Center for Artificial Intelligence, Department Technologie, FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, Josef Ressel Zentrum TARGET, Publikationstyp Schriftpublikation, peer-reviewed, ⛔ No DOI found}, pages = {52--53}, } @article{malle_privacy_2016, title = {Privacy {Aware} {Machine} {Learning} and the {Right} to be {Forgotten}}, number = {107}, journal = {ERCIM News}, author = {Malle, Bernd and Kieseberg, Peter and Schrittwieser, Sebastian and Holzinger, Andreas}, year = {2016}, note = {Projekt: TARGET}, keywords = {Center for Artificial Intelligence, Center for Digital Health Innovation, Department Technologie, FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, Josef Ressel Zentrum TARGET, Publikationstyp Schriftpublikation, peer-reviewed, ⛔ No DOI found}, } @article{kieseberg_detection_2016, title = {Detection of {Data} {Leaks} in {Collaborative} {Data} {Driven} {Research}}, number = {105}, journal = {ERCIM News}, author = {Kieseberg, Peter and Weippl, Edgar and Schrittwieser, Sebastian}, year = {2016}, note = {Projekt: TARGET}, keywords = {Center for Artificial Intelligence, Department Technologie, FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, Josef Ressel Zentrum TARGET, Publikationstyp Schriftpublikation, peer-reviewed, ⛔ No DOI found}, } @article{kieseberg_distortion_2019, title = {Distortion in {Real}-{World} {Analytic} {Processes}}, volume = {118}, journal = {ERCIM News}, author = {Kieseberg, Peter and Klausner, Lukas Daniel and Holzinger, Andreas}, year = {2019}, keywords = {Center for Artificial Intelligence, FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, SP IT Sec Applied Security \& Data Science, Wiss. Beitrag, ⛔ No DOI found}, pages = {49--50}, } @article{kieseberg_algorithm_2014, title = {An algorithm for collusion-resistant anonymization and fingerprinting of sensitive microdata}, journal = {Special Issue on Security and Privacy in Business Networking}, author = {Kieseberg, Peter and Schrittwieser, Sebastian and Mulazzani, Martin and Echizen, Isao and Weippl, Edgar}, year = {2014}, keywords = {Center for Artificial Intelligence, Department Technologie, FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, Publikationstyp Schriftpublikation, SP IT Sec Security Management \& Privacy, peer-reviewed, ⛔ No DOI found}, } @inproceedings{kieseberg_security_2015, title = {Security tests for mobile applications - {Why} using {TLS} or {SSL} is not enough}, doi = {10/gnt2t7}, booktitle = {2015 {IEEE} {Eighth} {International} {Conference} on {Software} {Testing}, {Verification} and {Validation} {Workshops} ({ICSTW})}, author = {Kieseberg, Peter and Fruehwirt, Peter and Schrittwieser, Sebastian and Weippl, Edgar R.}, year = {2015}, keywords = {Center for Artificial Intelligence, Department Technologie, FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, Publikationstyp Schriftpublikation, SP IT Sec System \& Application Security, peer-reviewed}, } @inproceedings{fruehwirt_innodb_2014, title = {{InnoDB} {Datenbank} {Forensik} – {Rekonstruktion} von {Abfragen} über {Datenbank}-interne {Logfiles}}, booktitle = {{GI} {Sicherheit} 2014}, author = {Fruehwirt, Peter and Kieseberg, Peter and Hochreiner, Christoph and Schrittwieser, Sebastian and Weippl, Edgar}, year = {2014}, keywords = {Center for Artificial Intelligence, Department Technologie, FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, Publikationstyp Präsentation, Publikationstyp Schriftpublikation, SP IT Sec System \& Application Security, peer-reviewed, ⛔ No DOI found}, } @inproceedings{fadai_trust_2015, title = {Trust me, {I} am a {Root} {CA}! {Analyzing} {SSL} {Root} {CAs} in modern {Browsers} and {Operating} {Systems}}, booktitle = {International {Conference} on {Availability}, {Reliability} and {Security} ({ARES})}, author = {Fadai, Tariq and Schrittwieser, Sebastian and Kieseberg, Peter and Mulazzani, Martin}, year = {2015}, keywords = {Center for Artificial Intelligence, Department Technologie, FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, Publikationstyp Schriftpublikation, SP IT Sec System \& Application Security, peer-reviewed, ⛔ No DOI found}, } @article{kieseberg_testen_2017, title = {Das {Testen} von {Algorithmen} in sensibler datengetriebener {Forschung}}, url = {http://fa-wi-maw.gi.de/fileadmin/gliederungen/fg-maw/Rundbriefe/GI_Rundbrief_41_JG23_Online.pdf}, journal = {Rundbrief des Fachausschusses Management der Anwendungsentwicklung und -wartung (WI-MAW)}, author = {Kieseberg, Peter and Schrittwieser, Sebastian and Malle, Bernd and Weippl, Edgar}, year = {2017}, keywords = {Center for Artificial Intelligence, Department Technologie, FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, Josef Ressel Zentrum TARGET, Publikationstyp Schriftpublikation, SP IT Sec Applied Security \& Data Science, peer-reviewed, ⛔ No DOI found}, } @inproceedings{kieseberg_real-time_2017, title = {Real-time {Forensics} through {Endpoint} {Visibility}}, url = {https://www.sba-research.org/wp-content/uploads/publications/fleetForensics.pdf}, author = {Kieseberg, Peter and Neuner, Sebastian and Schrittwieser, Sebastian and Schmiedecker, Martin}, year = {2017}, keywords = {Center for Artificial Intelligence, Department Technologie, FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, Josef Ressel Zentrum TARGET, Publikationstyp Schriftpublikation, SP IT Sec Security Management \& Privacy, peer-reviewed, ⛔ No DOI found}, } @inproceedings{amiri_machine_2018, address = {Porto, Portugal}, title = {A {Machine} {Learning} {Approach} for {Privacy}-preservation in {E}-business {Applications}:}, isbn = {978-989-758-319-3}, shorttitle = {A {Machine} {Learning} {Approach} for {Privacy}-preservation in {E}-business {Applications}}, url = {http://www.scitepress.org/DigitalLibrary/Link.aspx?doi=10.5220/0006826304430452}, doi = {10/gh38cd}, language = {en}, urldate = {2019-01-23}, booktitle = {Proceedings of the 15th {International} {Joint} {Conference} on e-{Business} and {Telecommunications}}, publisher = {SCITEPRESS - Science and Technology Publications}, author = {Amiri, Fatemeh and Quirchmayr, Gerald and Kieseberg, Peter}, year = {2018}, keywords = {Center for Artificial Intelligence, FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, SP IT Sec Security Management \& Privacy, best, peer-reviewed}, pages = {443--452}, } @inproceedings{rottermanner_privacy_2015, title = {Privacy and {Data} {Protection} in {Smartphone} {Messengers}}, doi = {10/gh3746}, booktitle = {Proceedings of the 17th {International} {Conference} on {Information} {Integration} and {Web}-based {Applications} {Services} ({iiWAS2015})}, author = {Rottermanner, C and Kieseberg, Peter and Huber, Markus and Schmiedecker, M and Schrittwieser, Sebastian}, year = {2015}, note = {Projekt: TARGET}, keywords = {Center for Artificial Intelligence, Department Technologie, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, Publikationstyp Schriftpublikation}, } @inproceedings{mueller_security_2015, title = {Security and privacy of smartphone messaging applications}, volume = {11}, doi = {10/gh372v}, booktitle = {International {Journal} of {Pervasive} {Computing} and {Communications}}, author = {Mueller, Robin and Schrittwieser, Sebastian and Fruehwirt, Peter and Kieseberg, Peter and Weippl, Edgar}, year = {2015}, keywords = {Center for Artificial Intelligence, Department Technologie, FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, Publikationstyp Schriftpublikation, SP IT Sec System \& Application Security, peer-reviewed}, } @inproceedings{kieseberg_structural_2018, address = {Ljubljana, Slovenia}, title = {Structural {Limitations} of {B}+-{Tree} forensics}, isbn = {978-1-4503-6515-4}, url = {http://dl.acm.org/citation.cfm?doid=3277570.3277579}, doi = {10/gh372c}, abstract = {Despite the importance of databases in virtually all data driven applications, database forensics is still not the thriving topic it ought to be. Many database management systems (DBMSs) structure the data in the form of trees, most notably B+-Trees. Since the tree structure is depending on the characteristics of the INSERT-order, it can be used in order to generate information on later manipulations, as was shown in a previously published approach.}, language = {en}, urldate = {2019-01-23}, booktitle = {Proceedings of the {Central} {European} {Cybersecurity} {Conference} 2018 on - {CECC} 2018}, publisher = {ACM Press}, author = {Kieseberg, Peter and Schrittwieser, Sebastian and Weippl, Edgar}, year = {2018}, keywords = {Center for Artificial Intelligence, FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, Vortrag, best, peer-reviewed}, pages = {1--4}, } @incollection{holzinger_explainable_2018, address = {Cham}, title = {Explainable {AI}: {The} {New} 42?}, volume = {11015}, isbn = {978-3-319-99739-1 978-3-319-99740-7}, shorttitle = {Explainable {AI}}, url = {http://link.springer.com/10.1007/978-3-319-99740-7_21}, abstract = {Explainable AI is not a new field. Since at least the early exploitation of C.S. Pierce’s abductive reasoning in expert systems of the 1980s, there were reasoning architectures to support an explanation function for complex AI systems, including applications in medical diagnosis, complex multi-component design, and reasoning about the real world. So explainability is at least as old as early AI, and a natural consequence of the design of AI systems. While early expert systems consisted of handcrafted knowledge bases that enabled reasoning over narrowly well-defined domains (e.g., INTERNIST, MYCIN), such systems had no learning capabilities and had only primitive uncertainty handling. But the evolution of formal reasoning architectures to incorporate principled probabilistic reasoning helped address the capture and use of uncertain knowledge.}, language = {en}, urldate = {2019-01-23}, booktitle = {Machine {Learning} and {Knowledge} {Extraction}}, publisher = {Springer International Publishing}, author = {Goebel, Randy and Chander, Ajay and Holzinger, Katharina and Lecue, Freddy and Akata, Zeynep and Stumpf, Simone and Kieseberg, Peter and Holzinger, Andreas}, editor = {Holzinger, Andreas and Kieseberg, Peter and Tjoa, A Min and Weippl, Edgar}, year = {2018}, doi = {10.1007/978-3-319-99740-7_21}, keywords = {Center for Artificial Intelligence, Center for Digital Health Innovation, FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, SP IT Sec Security Management \& Privacy, best, peer-reviewed}, pages = {295--303}, } @incollection{holzinger_current_2018, address = {Cham}, title = {Current {Advances}, {Trends} and {Challenges} of {Machine} {Learning} and {Knowledge} {Extraction}: {From} {Machine} {Learning} to {Explainable} {AI}}, volume = {11015}, isbn = {978-3-319-99739-1 978-3-319-99740-7}, shorttitle = {Current {Advances}, {Trends} and {Challenges} of {Machine} {Learning} and {Knowledge} {Extraction}}, url = {http://link.springer.com/10.1007/978-3-319-99740-7_1}, abstract = {In this short editorial we present some thoughts on present and future trends in Artificial Intelligence (AI) generally, and Machine Learning (ML) specifically. Due to the huge ongoing success in machine learning, particularly in statistical learning from big data, there is rising interest of academia, industry and the public in this field. Industry is investing heavily in AI, and spin-offs and start-ups are emerging on an unprecedented rate. The European Union is allocating a lot of additional funding into AI research grants, and various institutions are calling for a joint European AI research institute. Even universities are taking AI/ML into their curricula and strategic plans. Finally, even the people on the street talk about it, and if grandma knows what her grandson is doing in his new start-up, then the time is ripe: We are reaching a new AI spring. However, as fantastic current approaches seem to be, there are still huge problems to be solved: the best performing models lack transparency, hence are considered to be black boxes. The general and worldwide trends in privacy, data protection, safety and security make such black box solutions difficult to use in practice. Specifically in Europe, where the new General Data Protection Regulation (GDPR) came into effect on May, 28, 2018 which affects everybody (right of explanation). Consequently, a previous niche field for many years, explainable AI, explodes in importance. For the future, we envision a fruitful marriage between classic logical approaches (ontologies) with statistical approaches which may lead to context-adaptive systems (stochastic ontologies) that might work similar as the human brain.}, language = {en}, urldate = {2019-01-23}, booktitle = {Machine {Learning} and {Knowledge} {Extraction}}, publisher = {Springer International Publishing}, author = {Holzinger, Andreas and Kieseberg, Peter and Weippl, Edgar and Tjoa, A Min}, editor = {Holzinger, Andreas and Kieseberg, Peter and Tjoa, A Min and Weippl, Edgar}, year = {2018}, doi = {10.1007/978-3-319-99740-7_1}, keywords = {Center for Artificial Intelligence, Center for Digital Health Innovation, FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, SP IT Sec Applied Security \& Data Science, best, peer-reviewed}, pages = {1--8}, } @misc{kieseberg_privacy_2019, address = {Novomatic Forum, Vienna, Austria}, title = {Privacy {Aware} {Machine} {Learning} in {Health} {Informatics}}, author = {Kieseberg, Peter}, month = may, year = {2019}, keywords = {FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, SP IT Sec Applied Security \& Data Science}, } @misc{kieseberg_darknet_2019, address = {Planetarium Wien}, title = {Das {Darknet}}, author = {Kieseberg, Peter}, month = mar, year = {2019}, keywords = {FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, SP IT Sec Security Management \& Privacy}, } @misc{kieseberg_federated_2019, address = {Fachhochschule St. Pölten}, title = {Federated {Machine} {Learning} in {Health} {Informatics}}, author = {Kieseberg, Peter}, month = feb, year = {2019}, keywords = {FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, SP IT Sec Applied Security \& Data Science}, } @misc{kieseberg_privacy_2019-1, address = {FH St. Pölten}, title = {Privacy {Diskussion}: {Wie} viel sind {Sie} wert?}, author = {Kieseberg, Peter}, month = jan, year = {2019}, keywords = {FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, SP IT Sec Security Management \& Privacy}, } @misc{kieseberg_bitcoin_2019, address = {Fachhochschule St. Pölten}, title = {Bitcoin vs. {Blockchain}}, author = {Kieseberg, Peter}, month = jan, year = {2019}, keywords = {FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, SP IT Sec System \& Application Security}, } @inproceedings{winkler_towards_2019, address = {Vienna, Austria}, series = {{LNBIP}}, title = {Towards a {Flexible} and {Secure} {Round}-{Trip}-{Engineering} {Process} for {Production} {Systems} {Engineering} with {Agile} {Practices}}, volume = {LNBIP 338}, isbn = {978-3-030-05766-4}, abstract = {In Production Systems Engineering (PSE), many projects conceptually follow the plan of traditional waterfall processes with sequential process steps, while engineers actually work in parallel and distributed groups following a Round-Trip-Engineering (RTE) process. RTE processes focus on concurrent engineering plan updates along the engineering process. Thus, there is a need for frequent synchronization in a secure way to enable engineers building on a stable and baseline of engineering data. Unfortunately, the applied RTE process in PSE is coarse-grained, i.e., often data are exchanged via E-Mail and integrated seldom and inefficiently as the RTE process is not well supported by methods and tools that facilitate efficient data exchange. In this paper, we introduce and initially evaluate an efficient and secure RTE process for PSE, augmented with agile practices from business informatics, and discuss security concerns and risks. First results show that the augmented RTE process can provide strong benefits from agile practices for the collaboration of engineers. Security practices can be added but need to be balanced well regarding sufficient mitigation of security risks and extra effort for engineers to ensure an overall benefit to both engineers and the management.}, language = {English}, booktitle = {Software {Quality} - {The} complexity and challenges of {Software} {Engineering} and {Software} {Quality} in the {Cloud}}, publisher = {Springer}, author = {Winkler, Dietmar and Rinker, Felix and Kieseberg, Peter}, month = jan, year = {2019}, keywords = {Center for Artificial Intelligence, FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, Publikationstyp Konferenz-Paper, Vortrag, peer-reviewed}, pages = {14--130}, } @misc{kieseberg_datenschutzmanagement_2018, address = {Donau-Uni Krems}, title = {Datenschutzmanagement und - organisation}, author = {Kieseberg, Peter}, month = apr, year = {2018}, keywords = {FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, SP IT Sec Security Management \& Privacy, Vortrag}, } @misc{kieseberg_digitale_2018, address = {FH Wr. Neustadt}, title = {Digitale {Forensik}}, author = {Kieseberg, Peter}, month = jan, year = {2018}, keywords = {FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, SP IT Sec Security Management \& Privacy, Vortrag}, } @article{kieseberg_data_2018, title = {Data {Literacy}}, journal = {ÖKZ}, author = {Kieseberg, Peter}, month = jan, year = {2018}, keywords = {Center for Artificial Intelligence, FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, SP IT Sec Security Management \& Privacy}, } @misc{kieseberg_darknet_2018, address = {Vienna, VHS Urania}, title = {Das {Darknet}}, author = {Kieseberg, Peter}, month = nov, year = {2018}, keywords = {FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, SP IT Sec Security Management \& Privacy, Vortrag}, } @misc{kieseberg_privacy_2018, address = {FH St. Pölten}, title = {Privacy {Diskussion}: {Wie} viel sind {Sie} wert?}, author = {Kieseberg, Peter}, month = jan, year = {2018}, keywords = {FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, SP IT Sec Security Management \& Privacy, Vortrag}, } @incollection{kaundert_evaluierung_2018, title = {Evaluierung des {Cyber} {Lagebildkonzepts} im praktischen {Einsatz}}, abstract = {Der im Rahmen des CISA Projektes erstellte technische Demonstrator wurde in einer eintägigen, iterativen Planspielübung analysiert und für einen möglichen Realeinsatz evaluiert. Die praktische Anwendung des Demonstrators durch die Teilnehmenden stellte einen Abgleich der entwickelten Cyber Incident Situational Awareness (CISA) -Definition mit einer möglichen Anwendungsrealität dar und agierte als Feuerprobe für die Nützlichkeit der dargestellten Datentypen und -verknüpfungen zur Lagebeurteilung durch Identifikation von Schwachstellen in den verwendeten Visualisierungsoptionen. Diese Tauglichkeitsprüfung soll zur Schärfung der Bedürfnisse – einerseits für die Nutzung von Daten zur Lagebeurteilung, andererseits für die Schulung zukünftiger Operateure – beitragen.}, booktitle = {Cyber {Situational} {Awareness} in {Public}-{Private}-{Partnerships}}, publisher = {Springer Vieweg, Berlin, Heidelberg}, author = {Kaundert, Miriam and Ziegler, Louis and Pahi, Timea and Skopik, Florian and Leitner, Maria and Kieseberg, Peter and Schwanzer, Bernhard and Ampia-Addison, John Kojo}, year = {2018}, keywords = {Center for Artificial Intelligence, Extern}, pages = {293--344}, } @incollection{kieseberg_informationsanalysekonzept_2018, title = {Informationsanalysekonzept zur {Erstellung} von {Cyber}-{Lagebildern} in {PPPs}}, abstract = {Jedes informationsverarbeitende System ist in seiner Qualität sehr stark von der Verarbeitung der gesammelten Informationen abhängig. Speziell zur Konstruktion eines sinnvollen Lagebilds ist die Bewertung und Aggregierung von Daten von besonderer Bedeutung, um Muster und Gemeinsamkeiten scheinbar isolierter Incidents erkennen und darstellen zu können. Zusätzlich wird durch die potenzielle Einbindung automatisiert gesammelter Informationen, wie bspw. durch Sensoren in kritischen Netzabschnitten und wichtigen Infrastrukturen, die Informationsmenge exponentiell erhöht. Im Rahmen dieses Kapitels stellen wir eine Architektur vor, die den Ansprüchen eines modernen Lagezentrums genügt, wobei auch auf österreichische Spezifika, wie die Einbindung von sog. „First Respondern“, Rücksicht genommen wird.}, booktitle = {Cyber {Situational} {Awareness} in {Public}-{Private}-{Partnerships}}, publisher = {Springer Vieweg, Berlin, Heidelberg}, author = {Kieseberg, Peter and Skopik, Florian and Pahi, Timea and Leitner, Maria and Fiedler, Roman}, year = {2018}, keywords = {Center for Artificial Intelligence, Extern}, pages = {237--291}, } @incollection{pahi_erhebung_2018, title = {Erhebung von {Informations}-und {Datenquellen} für {Cyber}-{Lagebilder}}, abstract = {Ein Cyber-Lagezentrum ist eine zentrale Organisationseinheit, in der alle relevanten Informationen über Sicherheitsvorfälle zur Aufarbeitung und Bewertung zusammenlaufen. In diesem Zusammenhang sind die richtigen Informations- und Datenquellen unverzichtbare Bestandteile bei der Erstellung von Cyber-Lagebildern. Durch die Auswertung von zahlreichen Informationen und Daten kann das Situationsbewusstsein über den Zustand kritischer und wesentlicher Infrastrukturen auf unterschiedlichen Ebenen entstehen. Dazu ist es essenziell, die relevanten Quellen nutzbar zu machen. Die Etablierung der Lagebilder benötigt die Kombination und Korrelation eines breiten Spektrums unterschiedlicher Daten. Daher wird in diesem Kapitel eine Kategorisierung von Informationen und Daten für Cyber-Lagebilder eingeführt. Informationen werden entweder zum Kernlagebild oder zum Kontext gezählt.}, booktitle = {Cyber {Situational} {Awareness} in {Public}-{Private}-{Partnerships}}, publisher = {Springer Vieweg, Berlin, Heidelberg}, author = {Pahi, Timea and Skopik, Florian and Kieseberg, Peter and Leitner, Maria}, year = {2018}, keywords = {Center for Artificial Intelligence, Extern}, pages = {191--236}, } @inproceedings{kieseberg_security_2018, title = {Security {Challenges} in {Cyber}-{Phyiscal} {Production} {Systems}}, abstract = {Within the last decade, Security became a major focus in the traditional IT-Industry, mainly through the interconnection of systems and especially through the connection to the Internet, especially for reasons of introducing new services and products. This opened up a huge new attack surface, which resulted in major takedowns of legitimate services and new forms of crime and destruction. This led to the development of a multitude of new defense mechanisms and strategies, as well as the establishing of Security procedures on both, organizational and technical level. Production Systems have mostly remained in isolation during these past years, with security typically focused on the perimeter. Now, with the introduction of new paradigms like Industry 4.0, this isolation is questioned heavily with Physical Production Systems now connected to an IT-world resulting in cyber-physical systems sharing the attack surface of traditional web based interfaces while featuring completely different goals, parameters like lifetime and safety, as well as construction. In this work, we present an outline on the major security challenges faced by cyber-physical production systems. While many of these challenges harken back to issues also present in traditional web based IT, we will thoroughly analyze the differences. Still, many new attack vectors appeared in the past, either in practical attacks like Stuxnet, or in theoretical work. These attack vectors use specific features or design elements of cyber-physical systems to their advantage and are unparalleled in traditional IT. Furthermore, many mitigation strategies prevalent in traditional IT systems are not applicable in the industrial world, e.g. patching, thus, rendering traditional strategies in IT-Security unfeasible. A through discussion of the major challenges in CPPS-Security is thus required in order to focus research on the most important targets.}, language = {en}, publisher = {Springer, Cham}, author = {Kieseberg, Peter and Weippl, Edgar}, month = jan, year = {2018}, keywords = {Center for Artificial Intelligence, Extern, peer-reviewed}, pages = {14}, } @inproceedings{amiri_sensitive_2018, address = {Venice, Italy}, title = {Sensitive {Data} {Anonymization} {Using} {Genetic} {Algorithms} for {SOM}-based {Clustering}}, isbn = {978-1-61208-661-3}, abstract = {Improving privacy protection by using smart methods has become a major focus in current research. However, despite all the technological compensations through analyzing privacy concerns, the literature does not yet provide evidence of frameworks and methods that enable privacy protection from multiple perspectives and take into account the privacy of sensitive data with regard to accuracy and efficiency of the general processes in the system. In our work, we focus on sensitive data protection based on the idea of a Self-Organizing Map (SOM) and try to anonymize sensitive data with Genetic Algorithms (GAs) techniques in order to improve privacy without significantly deteriorating the accuracy and efficiency of the overall process. We organize the dataset in subspaces according to their information theoretical distance to each other in distributed local servers and then generalize attribute values to the minimum extent required so that both the data disclosure probability and the information loss are kept to a negligible minimum. Our analysis shows that our protocol offers clustering without greatly exposing individual privacy and causes only negligible superfluous costs and information loss because of privacy requirements.}, language = {en}, publisher = {IARIA}, author = {Amiri, Fatemeh and Quirchmayr, Gerald and Kieseberg, Peter}, month = sep, year = {2018}, keywords = {Center for Artificial Intelligence, Center for Digital Health Innovation, FH SP Cyber Security, Forschungsgruppe Secure Societies, Institut für IT Sicherheitsforschung, SP IT Sec Security Management \& Privacy, peer-reviewed}, pages = {9}, } @book{cd-make_machine_2018, address = {Cham}, series = {Lecture notes in computer science}, title = {Machine learning and knowledge extraction: {Second} {IFIP} {TC} 5, {TC} 8/{WG} 8.4, 8.9, {TC} 12.9, {International} {Cross}-{Domain} {Conference}, {CD}-{MAKE} 2018, {Hamburg}, {Germany}, {August} 27–30, 2018: proceedings}, isbn = {978-3-319-99739-1 978-3-319-99740-7}, shorttitle = {Machine learning and knowledge extraction}, language = {en}, number = {11015}, publisher = {Springer}, author = {CD-MAKE}, editor = {Holzinger, Andreas and Kieseberg, Peter and Tjoa, A. Min and Weippl, Edgar R.}, collaborator = {International Federation for Information Processing and International Federation for Information Processing and International Federation for Information Processing}, year = {2018}, note = {OCLC: 1053827318}, keywords = {Center for Digital Health Innovation, FH SP Cyber Security, FH SP Data Analytics \& Visual Computing, Institut für IT Sicherheitsforschung, SP IT Sec Applied Security \& Data Science, best, peer-reviewed}, }