ERBSE – Enable Risk-aware Behavior to Secure End-users

Project ERBSE – „Enable Risk-aware Behavior to Secure End-users” – aims at end-users as factors in IT security. Users compromise their own security and by extension the security of devices within their network through their behavior. The optimal level of security is degraded by lacking, maladaptive or inadequate action. Consequently, the research foci of ERBSE are twofold: The first goal is technical – to find out what knowledge is actually necessary. The second is didactic – to find out how to convey that knowledge. ERBSE will integrate both questions in order to design, implement, and evaluate game-based learning interventions that improve IT security for end-users.

Principal Investigators (PIs):

Prof. Dr.-Ing. Ulrike Meyer
Lehr- und Forschungsgebiet IT-Sicherheit
Fachgruppe Informatik
RWTH Aachen

Prof. Dr.-Ing. Martin R. Wolf
Lehrgebiet Management von Informationstechnologie
Fachhochschule Aachen

PhD Students

Klemens Köhler
ITOM – Labor für IT Organisation und Management
University of Applied Sciences Aachen

Vincent Drury
UMIC Research Centre
RWTH Aachen

Rene Röpke
Lehr- und Forschungsgebiet Informatik 9 – Learning Technologies
RWTH Aachen

Publications

• Ali, Lubna, Patrick Aufdermauer, René Röpke, and Ulrik Schroeder. “Ein Webbasiertes Tool zur Konvertierung von Bildungsmaterialien in OER.” In Ein Webbasiertes Tool zur Konvertierung von Bildungsmaterialien in OER. Gesellschaft für Informatik e.V., 2020. http://dl.gi.de/handle/20.500.12116/34201.
• Drury, V., and U. Meyer. “No Phishing With the Wrong Bait: Reducing the Phishing Risk by Address Separation.” In 2020 IEEE European Symposium on Security and Privacy Workshops (EuroS PW), 646–52, 2020. https://doi.org/10.1109/EuroSPW51379.2020.00093.
• Ehlenz, Matthias, Birte Heinemann, Thiemo Leonhardt, René Röpke, Vlatko Lukarov, and Ulrik Schroeder. “Eine forschungspraktische Perspektive auf xAPI-Registries.” Gesellschaft für Informatik e.V., 2020. http://dl.gi.de/handle/20.500.12116/34179.
• Köhler, Klemens, and Martin R Wolf. “Organisatorische Maßnahmen Zu Erhöhung Der IT Sicherheit–Empfehlungen Aus Der Perspektive Der Konflikttheorie,” 2020.
• Roepke, Rene, Klemens Koehler, Vincent Drury, Ulrik Schroeder, Martin R. Wolf, and Ulrike Meyer. “A Pond Full of Phishing Games – Analysis of Learning Games for Anti-Phishing Education.” In Model-Driven Simulation and Training Environments for Cybersecurity, edited by George Hatzivasilis and Sotiris Ioannidis, 41–60. Lecture Notes in Computer Science. Cham: Springer International Publishing, 2020. https://doi.org/10.1007/978-3-030-62433-0_3.
• Schüller, Mario, Tamara Brettner, and Klemens Köhler. “Entwicklung Und Evaluierung Des Lernspiels „InnoV8“ Zur Verständnisförderung Im Bereich Wirtschaftsinformatik,” 2020.
• Zaric, Nadja, Manuel Gottschlich, Rene Röple, and Ulrik Schroeder. “Supporting Gamification with an Interactive Gamification Analytics Tool (IGAT).” In Addressing Global Challenges and Quality Education, edited by Carlos Alario-Hoyos, María Jesús Rodríguez-Triana, Maren Scheffel, Inmaculada Arnedillo-Sánchez, and Sebastian Maximilian Dennerlein, 461–66. Lecture Notes in Computer Science. Cham: Springer International Publishing, 2020. https://doi.org/10.1007/978-3-030-57717-9_45.
• Zaric, Nadja, Rene Röpke, Manuel Gottschlich, and Ulrik Schroeder. “Interactive Gamification Analytics Tool (IGAT).” In Games and Learning Alliance, edited by Iza Marfisi-Schottman, Francesco Bellotti, Ludovic Hamon, and Roland Klemke, 57–68. Lecture Notes in Computer Science. Cham: Springer International Publishing, 2020. https://doi.org/10.1007/978-3-030-63464-3_6.
• Köhler, Klemens, Rene Röpke, and Martin Wolf. “Serious Games for IT-Security and Why We Don’t Know What They Teach,” Annual Conferences of the International Simulation and Gaming Association (ISAGA 2019).
• Röpke, Rene, and Ulrik Schröder. “The Problem with Teaching Defence against the Dark Arts: A Review of Game-Based Learning Applications and Serious Games for Cyber Security Education,” 2019. http://insticc.org/node/TechnicalProgram/csedu/presentationDetails/77061.
• Vincent Drury and Ulrike Meyer. “Certified Phishing: Taking a Look at Public Key Certificates of Phishing Websites.” Symposium on Usable Privacy and Security 2019. In . https://www.usenix.org/conference/soups2019/presentation/drury.