Forschungs­ergebnisse

Übersicht

Die zentralen Forschungsergebnisse von CONTAIN sind:

  • CONTAIN-Rahmenwerk für effektive und effiziente Bewältigung von Cybervorfällen
  • Serious Games zur verbesserten Unterstützung in der Vorbereitung
  • Simulationsmodelle zur Darstellung von Abläufen und Auswirkungen
  • Referenzszenare, Vorgehensmodelle, Roadmap für Auditierung und Zertifizierung
  • Vorgehen für Liquidität in der Krise und Zusammenarbeit mit Cloud- und Logistikdienstleistungsunternehmen
  • Informationssicherheitsmaßnahmen und Security-by-Design-Lösungen für digitale Währungen
  • Methoden zur Durchführung von Übungen

Serious Games

Spielerisch zu mehr IT-Sicherheit

PDF downloaden

CONTAIN Monitor

Resilienz angesichts von Ransomware:
Einblicke in die Praxis

PDF downloaden

Publikationen

  • Zhao, T., Gasiba, T., Lechner, U., Pinto-Albuquerque, M., Ongu, D. (2024). COPYCAT: Applying Serious Games in Industry for Defending Supply Chain Attack. In: Phillipson, F., Eichler, G., Erfurth, C., Fahrnberger, G. (eds) Innovations for Community Services. I4CS 2024. Communications in Computer and Information Science, vol 2109. Springer, Cham. https://doi.org/10.1007/978-3-031-60433-1_18
  • Seiler, A., Lechner, U., Strussenberg, J., Hofbauer, S. (2024). Operation Raven. In: Phillipson, F., Eichler, G., Erfurth, C., Fahrnberger, G. (eds) Innovations for Community Services. I4CS 2024. Communications in Computer and Information Science, vol 2109. Springer, Cham. https://doi.org/10.1007/978-3-031-60433-1_19
  • Iosif, A.-C., et al (2023). Raising Awareness in the Industry on Secure Code Review Practices in IARIA CYBER23. Full text available: https://www.thinkmind.org/articles/cyber_2023_1_100_80050.pdf
  • Zhao, T. et al. (2023). An ontology-based model for evaluating cloud attack scenarios in CATS – a serious game in cloud security in ICE/ITMC 2023. https://doi.org/10.1109/ICE/ITMC58018.2023.10332371
  • Iosif, A.-C., et al (2024). Cybersecurity Awareness Training for Industrial Software Developers via a Serious Game for Code ReviewWirtschaftsinformatik 2024 Proceedings (p.60). Full text available: https://aisel.aisnet.org/wi2024/60?utm_source=aisel.aisnet.org%2Fwi2024%2F60&utm_medium=PDF&utm_campaign=PDFCoverPages
  • Iosif, A.-C., et al (2024). Code Review for CyberSecurity in the Industry: Insights from Gameplay Analytics, in ICPEC’24 https://doi.org/10.4230/OASIcs.ICPEC.2024.14
  • Iosif, A.-C., et al (2024). To Kill a Mocking Bug: Open Source Repo Mining of Security Patches for Programming Education, in ICPEC’24. https://doi.org/10.4230/OASIcs.ICPEC.2024.16
  • Zhao, T. et al. (2024). A Deep Dive Into CATS Evaluator Algorithm: Quantification Of The Probability in Serious Game Cloud Security Defense Scenarios, in CSEE&T 2024 https://doi.org/10.1109/CSEET62301.2024.10663050
  • Zhao, T. et al. (2024). Thriving in the era of hybrid work: Raising cybersecurity awareness using serious games in industry trainings, in Journal of Systems and Software , Vol. 210 (Journal first submission CSEE&T) https://doi.org/10.1016/j.jss.2023.111946
  • Iosif, A.-C., et al (2024). Serious Game for Industrial Cybersecurity: Experiential Learning Through Code Review, in CSEE&T’24 https://doi.org/10.1109/CSEET62301.2024.10663058
  • Greiner, M. et al. (2024). Scared? Prepared? Toward a Ransomware Incident Response Scenario. In: Phillipson, F., Eichler, G., Erfurth, C., Fahrnberger, G. (eds) Innovations for Community Services. I4CS 2024. Communications in Computer and Information Science, vol 2109. Springer, Cham. https://doi.org/10.1007/978-3-031-60433-1_17
  • Friedl, S., Reittinger, T., Pernul, G. (2024). Digital Detectives: A Serious Point-and-Click Game for Digital Forensics. In: Drevin, L., Leung, W.S., von Solms, S. (eds) Information Security Education – Challenges in the Digital Age. WISE 2024. IFIP Advances in Information and Communication Technology, vol 707. Springer, Cham. https://doi.org/10.1007/978-3-031-62918-1_9
  • Friedl, S., Reittinger, T., Pernul, G. (2024). From Play to Profession: A Serious Game to Raise Awareness on Digital Forensics. In: Ferrara, A.L., Krishnan, R. (eds) Data and Applications Security and Privacy XXXVIII. DBSec 2024. Lecture Notes in Computer Science, vol 14901. Springer, Cham. https://doi.org/10.1007/978-3-031-65172-4_17
  • Terru Stübinger, Lars Hupel: Go Code Generation for Isabelle. Archive of Formal Proofs, 2024. https://www.isa-afp.org/entries/Go.html
  • Lars Hupel: Interoperability aspects of CBDC across ecosystems and borders. Journal of Payments Strategy & Systems, 2023. https://doi.org/10.69554/MBDJ6710 (full text: https://papers.ssrn.com/sol3/papers.cfm?abstract_id=4636197)
  • Terru Stübinger, Lars Hupel: Extending Isabelle/HOL’s Code Generator with support for the Go programming language. Formal Methods, 2024 (to appear). http://arxiv.org/abs/2310.02704
  • Lars Hupel, Makan Rafiee: How does post-quantum cryptography affect Central Bank Digital Currency? UbiSec, 2023. https://doi.org/10.1007/978-981-97-1274-8_4 (full text: http://arxiv.org/abs/2308.15787)
  • Reittinger, T., Glas, M., Aminzada, S., Pernul, G. (2025). Employee Motivation in Organizational Cybersecurity: Matching Theory and Reality. In: Clarke, N., Furnell, S. (eds) Human Aspects of Information Security and Assurance. HAISA 2024. IFIP Advances in Information and Communication Technology, vol 721. Springer, Cham. https://doi.org/10.1007/978-3-031-72559-3_1
  • Schachenhofer, L., & Hirsch, P. (2024). Pharmaceutical Logistics under Cyberattack Conditions. 14th International Defense and Homeland Security Simulation Workshop, 004. doi: 10.46354/i3m.2024.dhss.004
  • Hupel, Lars (2024, December 1). A conceptual model for point-of-sale payment with retail central bank digital currency. In the Journal of Payments Strategy & Systems, Volume 18, Issue 4. https://doi.org/10.69554/ETQK2745.
  • Rafiee, M., & Hupel, L. (2024). How to design a Public Key Infrastructure for a Central Bank Digital Currency. arXiv preprint arXiv:2412.04051.
  • Strussenberg, J., Seidenfad, K., Greiner, M., Riesel, K., Biermann, J., Lechner, U. (2025). From Paper to Pixel: The Digitalization of a Serious Game. In: Zielinski, S., Eichler, G., Erfurth, C., Fahrnberger, G. (eds) Innovations for Community Services. I4CS 2025. Communications in Computer and Information Science, vol 2513. Springer, Cham. https://doi.org/10.1007/978-3-031-94263-1_18
  • Schachenhofer, L. et al. (2025). A Simulation-Oriented Approach to Securing Logistics Processes Based on the NIST CSF and OODA Loop. In: Zielinski, S., Eichler, G., Erfurth, C., Fahrnberger, G. (eds) Innovations for Community Services. I4CS 2025. Communications in Computer and Information Science, vol 2513. Springer, Cham. https://doi.org/10.1007/978-3-031-94263-1_20
  • Iosif, AC., Lechner, U., Pinto-Albuquerque, M. (2025). Bring Your Own Bug: Enabling User-Generated Content in Serious Games for Industrial Cybersecurity and AppSec Education. In: Zielinski, S., Eichler, G., Erfurth, C., Fahrnberger, G. (eds) Innovations for Community Services. I4CS 2025. Communications in Computer and Information Science, vol 2513. Springer, Cham. https://doi.org/10.1007/978-3-031-94263-1_17
  • Fahrnberger, G. et al. (2025). Cybersecurity Awareness Education by Making Ransomware Tangible Securely. In: Zielinski, S., Eichler, G., Erfurth, C., Fahrnberger, G. (eds) Innovations for Community Services. I4CS 2025. Communications in Computer and Information Science, vol 2513. Springer, Cham. https://doi.org/10.1007/978-3-031-94263-1_22
  • Tiange Zhao (2025) Raising Awareness of Cloud Security through a Serious Game, PhD Thesis, UniBW