Publications

Books

  1. Jens Grossklags and Bart Preneel (2017) Financial Cryptography and Data Security, Lecture Notes in Computer Science LNCS 9603, Springer Verlag. Publisher Site
  2. Jens Grossklags and Jean Walrand (2012) Decision and Game Theory for Security, Lecture Notes in Computer Science LNCS 7638, Springer Verlag. Publisher Site

Journal Articles

  1. Chen, M. & Grossklags, J. (2020) An Empirical Analysis of the Commercial Arm of the Chinese Social Credit System. Proceedings on Privacy Enhancing Technologies, 2020(4), pp. 89-110. Open Access
  2. Weidman, J., & Grossklags, J. (2020) Assessing the Current State of Information Security Policies in Academic Organizations. Information and Computer Security. 28(3), 423-444. Publisher Version
  3. Merlevede, J., Johnson, B., Grossklags, J., & Holvoet, T. (forthcoming) Exponential Discounting in Security Games of Timing. Journal of Cybersecurity.
  4. Muntean, P., Monperrus, M., Sun, H., Grossklags, J., & Eckert, C. (forthcoming) IntRepair: Informed Repairing of Integer Overflows. IEEE Transactions on Software Engineering. Accepted for publication. Author Version Author version (arXiv) Publisher Version (Early Access)
  5. Weidman, J., Aurite, W., & Grossklags, J. (2019) On Sharing Intentions, and Personal and Interdependent Privacy Considerations for Genetic Data: A Vignette Study. IEEE/ACM Transactions on Computational Biology and Bioinformatics, 16(4), 1349-1361. Publisher Site Free Access (ACM Authorizer)
  6. Reitter, D., & Grossklags, J. (2019) The Positive Impact of Task Familiarity, Risk Propensity and Need for Cognition on Observed Timing Decisions in a Security Game. Games, 10(4), Article No. 49. Open Access
  7. Esmaeilyfard, R., Hendessi, F., Manshaei, M.H. & Grossklags, J. (2019) A Game-theoretic Model for Users' Participation in Ephemeral Social Vehicular Networks, International Journal of Communication Systems, 32(12), Article No. e3998. Publisher Site
  8. Laszka, A., Johnson, B., & Grossklags, J. (2018) On the Assessment of Systematic Risk in Networked Systems. ACM Transactions on Internet Technology, 18(4), Article No. 48. Free Access (ACM Authorizer)
  9. Chronopoulos, M., Panaousis, E., & Grossklags, J. (2018) An Options Approach to Cybersecurity Investment. IEEE Access, 6(1), 12175-12186. Open Access      
  10. Guan, L., Farhang, S., Pu, Y., Guo, P., Grossklags, J., & Liu, P. (2018) VaultIME: Regaining User Control for Password Managers through Auto-correction. EAI Endorsed Transactions on Security and Safety, 4(14), Article No. e4. Open Access
  11. Zhao, M., Laszka, A., & Grossklags, J. (2017) Devising Effective Policies for Bug-Bounty Platforms and Security Vulnerability Discovery. Journal of Information Policy, 7, 372-418. Open Access
  12. Maillart, T., Zhao, M., Grossklags, J., & Chuang, J. (2017) Given Enough Eyeballs, All Bugs Are Shallow? Revisiting Eric Raymond with Bug Bounty Programs. Journal of Cybersecurity, 3(2), 81–90. Open Access
  13. Pu, Y. & Grossklags, J. (2016) Towards a Model on the Factors Influencing Social App Users' Valuation of Interdependent Privacy. Proceedings on Privacy Enhancing Technologies, 2016(2), 61-81. Open Access
  14. Lazar, J., Abascal, J., Barbosa, S., Barksdale, J., Friedman, B., Grossklags, J. et al. (2016) Human–Computer Interaction and International Public Policymaking: A Framework for Understanding and Taking Future Actions. Foundations and Trends in Human–Computer Interaction, 9(2), 69-149. Publisher Site
  15. Johnson, B., Schöttle, P., Laszka, A., Grossklags, J., & Böhme, R. (2015) Adaptive Steganography and Steganalysis with Fixed-Size Embedding. Springer Transactions on Data Hiding and Multimedia Security, 10, 69-91. Publisher Site
  16. Laszka, A., Johnson, B., Schöttle, P., Grossklags, J., & Böhme, R. (2014) Secure Team Composition to Thwart Insider Threats and Cyberespionage. ACM Transactions on Internet Technology, 14(2-3), Article No. 19. Free Access (ACM Authorizer)
  17. Nochenson, A., Grossklags, J., & Heimann, L. (2014) How Loss Profiles Reveal Behavioral Biases in Interdependent Security Decisions. International Journal of Internet Technology and Secured Transactions, 5(2), 105-116. Publisher Site
  18. Acquisti, A., & Grossklags, J. (2012) An Online Survey Experiment on Ambiguity and Privacy. Communications & Strategies, 88(4), 19-39. Open Access
  19. Bridges, F., Appel, L., & Grossklags, J. (2012) Young Adults' Online Participation Behaviors: An Exploratory Study of Web 2.0 Use for Political Engagement. Information Polity, 17(2), 163-176. Author Version Publisher Site
  20. Turow, J., Hoofnagle, C., Mulligan, D., Good, N., & Grossklags, J. (2008) The Federal Trade Commission and Consumer Privacy in the Coming Decade. I/S: A Journal of Law and Policy for the Information Society, 3(3), 723-749. Publisher Site Open Access
  21. Good, N., Grossklags, J., Thaw, D., Perzanowski, A., Mulligan, D., & Konstan, J. (2006) User Choices and Regret: Understanding Users' Decision Process about Consensually Acquired Spyware. I/S: A Journal of Law and Policy for the Information Society, 2(2), 283-344. Publisher Site Open Access
  22. Grossklags, J., & Schmidt, C. (2006) Software Agents and Market (In) Efficiency - A Human Trader Experiment. IEEE Transactions on System, Man, and Cybernetics: Part C, Special Issue on Game-theoretic Analysis & Simulation of Negotiation Agents, IEEE SMC, 36(1), 56-67. Author Version Publisher Site
  23. Acquisti, A., & Grossklags, J. (2005) Privacy and Rationality in Individual Decision Making. IEEE Security and Privacy, 3(1), 26-33. Author Version Publisher Site
  24. Ghose, A., Grossklags, J., & Chuang, J. (2003) Resilient Data-Centric Storage in Wireless Sensor Networks. IEEE Distributed Systems Online, 4(11). Author Version DBLP Record

Conference and Workshop Articles

  1. von Tschirschnitz, M., Peuckert, L., Franzen, F., & Grossklags, J. (2021) Method Confusion Attack on Bluetooth Pairing. Proceedings of the 42nd IEEE Symposium on Security and Privacy (S&P). To appear.
  2. Sundararaj, A., Knittl, S., & Grossklags, J. (2020) Challenges in IT Security Processes and Solution Approaches with Process Mining. Proceedings of the 16th International Workshop on Security and Trust Management (STM). Accepted.
  3. Hudock, A., Weidman, J., & Grossklags, J. (2020) Security Onboarding: An Interview Study on Security Training for Temporary Employees. Proceedings of Mensch und Computer (MuC). Accepted. Author Version
  4. Akgul, O., Eghtesad, T., Elazari, A., Gnawali, O., Grossklags, J., Votipka, D., & Laszka, A. (2020) The Hackers’ Viewpoint: Exploring Challenges and Benefits of Bug-Bounty Programs. Proceedings of the 6th Workshop on Security Information Workers (WSIW); 16th Symposium on Usable Privacy and Security. Accepted for Publication. Author Version
  5. Freudenreich, J., Weidman, J., & Grossklags, J. (2020) Responding to KRACK: Wi-Fi Security Awareness in Private Households. Proceedings of the Fourteenth IFIP International Symposium on Human Aspects of Information Security & Assurance (HAISA). Forthcoming. Author Version
  6. Farhang, S., Kirdan, M., Laszka, A., & Grossklags, J. (2020) An Empirical Study of Android Security Bulletins in Different Vendors. Proceedings of the Web Conference (WWW), pp. 3063-3069. Author Version Publisher Version GitHub Data
  7. Muntean, P., Neumayer, M., Lin, Z., Tan, G., Grossklags, J., & Eckert, C. (2019) Analyzing Control Flow Integrity with LLVM-CFI. Proceedings of the 35th Annual Computer Security Applications Conference (ACSAC), pp. 584-597. Acceptance rate = 22.6%. Author Version Free Access (ACM Authorizer)
  8. Billmann, M., Grossklags, J., Böhm, M., & Krcmar, H. (2019) The Differences in Data Sensitivity Perceptions Among Private and Workplace Health Apps: A Delphi Study. Proceedings of the 9th International Digital Public Health Conference (DPH), pp. 21-30. Author Version Free Access (ACM Authorizer)
  9. Bidgoli, M., Knijnenburg, B., Grossklags, J., & Wardman, B. (2019) Report Now. Report Effectively. Conceptualizing the Industry Practice for Cybercrime Reporting. Proceedings of the 2019 APWG Symposium on Electronic Crime Research (eCrime). Author Version Publisher Site
  10. Merlevede, J., Johnson, B., Grossklags, J., & Holvoet, T. (2019) Time-Dependent Strategies in Games of Timing. Proceedings of the Tenth Conference on Decision and Game Theory for Security (GameSec), pp. 310-330. Author Version Publisher Site
  11. Fischer, F., Xiao, H., Kao, C., Stachelscheid, Y., Johnson, B., Raza, D., Furley, P., Buckley, N., Böttinger, K., Muntean, P., & Grossklags, J. (2019) Stack Overflow Considered Helpful! Deep Learning Security Nudges Towards Stronger Cryptography. Proceedings of the 28th USENIX Security Symposium (USENIX Security), pp. 339-356. Acceptance rate = 16.2%. Author Version Publisher Version (Open Access) GitHub Data
  12. Petracca, G., Sun, Y., Reineh, A., Grossklags, J., McDaniel, P., & Jaeger, T. (2019) EnTrust: Regulating Sensor Access by Cooperating Programs via Delegation Graphs. Proceedings of the 28th USENIX Security Symposium (USENIX Security), pp. 567-584. Acceptance rate = 16.2%. Author Version Publisher Version (Open Access)
  13. Weidman, J., & Grossklags, J. (2019) The Acceptable State: An Analysis of the Current State of Acceptable Use Policies in Academic Institutions. Proceedings of the 27th European Conference on Information Systems (ECIS). Complete research paper. Author Version Publisher Site
  14. Engelmann, S., & Grossklags, J. (2019) Setting the Stage: Towards Principles for Reasonable Image Inferences. Workshop on Fairness in User Modeling, Adaptation and Personalization (FairUMAP), 27th Conference on User Modeling, Adaptation and Personalization (UMAP), pp. 301-307. Author Version Free Access (ACM Authorizer)
  15. Merlevede, J., Johnson, B., Grossklags, J., & Holvoet, T. (2019) Exponential Discounting in Security Games of Timing. Workshop on the Economics of Information Security (WEIS). Author Version
  16. Farhang, S., Kirdan, M., Laszka, A., & Grossklags, J. (2019) Hey Google, What Exactly Do Your Security Patches Tell Us? A Large-Scale Empirical Study on Android Patched Vulnerabilities. Workshop on the Economics of Information Security (WEIS). Author Version
  17. Chen, M., Fischer, F., Meng, N., Wang, X., & Grossklags, J. (2019) How Reliable is the Crowdsourced Knowledge of Security Implementation? Proceedings of the 41st ACM/IEEE International Conference on Software Engineering (ICSE), pp. 536-547. Acceptance rate = 20.6%. Author Version Publisher Site
  18. Nasr, M., Farhang, S., Houmansadr, A., & Grossklags, J. (2019) Enemy At the Gateways: Censorship-Resilient Proxy Distribution Using Game Theory. Proceedings of the 26th Network and Distributed System Security Symposium (NDSS). Acceptance rate = 17.1%. Author Version Publisher Version (Open Access)
  19. Engelmann, S., Chen, M., Fischer F., & Kao, C., & Grossklags, J. (2019) Clear Sanctions, Vague Rewards: How China's Social Credit System Currently Defines “Good” and “Bad” Behavior. Proceedings of the 2nd ACM Conference on Fairness, Accountability, and Transparency (FAT*), pp. 69-78. Acceptance rate = 24.1%. Author Version Free Access (ACM Authorizer)
  20. Farhang, S., Weidman, J., Kamani, M., Grossklags, J., & Liu, P. (2018) Take It or Leave It: A Survey Study on Operating System Upgrade Practices. Proceedings of the Annual Computer Security Applications Conference (ACSAC), pp. 490-504. Acceptance rate = 20.1%. Author Version Free Access (ACM Authorizer)
  21. Laszka, A., Panaousis, E., & Grossklags, J. (2018) Cyber-Insurance as a Signaling Game: Self-Reporting and External Security Audits. Proceedings of the Ninth Conference on Decision and Game Theory for Security (GameSec), pp. 508-520. Author Version Publisher Site
  22. Muntean, P., Wuerl, S., Grossklags, J., & Eckert, C. (2018) CastSan: Efficient Detection of Polymorphic C++ Object Type Confusions. Proceedings of the 23rd European Symposium on Research in Computer Security (ESORICS), pp. 3-25. Acceptance rate = 19.8%. Author Version Publisher Site
  23. Muntean, P., Fischer, M., Tan, G., Lin, Z., Grossklags, J., & Eckert, C. (2018) τCFI: Type-Assisted Control Flow Integrity for x86-64 Binaries. Proceedings of the 21st International Symposium on Research in Attacks, Intrusions and Defenses (RAID), pp. 423-444. Acceptance rate = 22.8%. Author Version Publisher Site
  24. Johnson, B., Laszka, A., Grossklags, J., & Moore, T. (2018) Economic Analyses of Security Investments on Cryptocurrency Exchanges. Proceedings of the 2018 IEEE International Conference on Blockchain (BLOCKCHAIN), pp. 1253-1262. Accepted as regular paper. Acceptance rate = 15.3%. Author Version Author version (arXiv) Publisher Site
  25. Webster, G., Harris, R., Hanif, Z., Hembree, B., Grossklags, J., & Eckert, C. (2018) Sharing is Caring: Collaborative Analysis and Real-time Enquiry. Proceedings of the IEEE International Symposium on Recent Advances on Blockchain and Its Applications (BlockchainApp), pp. 1402-1409. Author Version Publisher Site
  26. Engelmann, S., Grossklags, J., & Papakyriakopoulos, O. (2018) A Democracy called Facebook? Participation as a Privacy Strategy on Social Media. Proceedings of the Annual Privacy Forum 2018, pp. 91-108. Full paper. Author Version Publisher Site
  27. Weidman, J., & Grossklags, J. (2018) What's in Your Policy: An Analysis of the Current State of Information Security Policies in Academic Institutions. Proceedings of the 26th European Conference on Information Systems (ECIS). Complete research paper. Author Version Publisher Site
  28. Farhang, S., Laszka, A., & Grossklags, J. (2018) An Economic Study of the Effect of Android Platform Fragmentation on Security Updates. Proceedings of the Twenty-Second International Conference on Financial Cryptography and Data Security (FC), pp. 119-137. Acceptance rate = 26.6%. Author Version (arXiv) Publisher Site
  29. Laszka, A., Zhao, M., Malbari, A. & Grossklags, J. (2018) The Rules of Engagement for Bug Bounty Programs. Proceedings of the Twenty-Second International Conference on Financial Cryptography and Data Security (FC), pp. 138-159. Acceptance rate = 26.6%. Author Version Publisher Site
  30. Weidman, J. & Grossklags, J. (2017) I Like It, but I Hate It: Employee Perceptions Towards an Institutional Transition to BYOD Second-Factor Authentication. Proceedings of the Annual Computer Security Applications Conference (ACSAC), pp. 212-224. Acceptance rate = 19.7%. Author Version Free Access (ACM Authorizer)
  31. Laszka, A., Farhang, S., & Grossklags, J. (2017) On the Economics of Ransomware. Proceedings of the Eighth Conference on Decision and Game Theory for Security (GameSec), pp. 397-417. Author Version Publisher Site
  32. Petracca, G., Reineh, A., Sun, Y., Grossklags, J., & Jaeger, T. (2017) AWare: Preventing Abuse of Privacy-Sensitive Sensors via Operation Bindings. Proceedings of the 26th USENIX Security Symposium (USENIX Security), pp. 379-396. Acceptance rate = 16.3%. Open Access
  33. Farhang, S. & Grossklags, J. (2017) When to Invest in Security? Empirical Evidence and a Game-Theoretic Approach for Time-Based Security. Workshop on the Economics of Information Security (WEIS). Papers are available on the workshop website. Author Version
  34. Pu. Y. & Grossklags, J. (2017) Valuating Friends' Privacy: Does Anonymity of Sharing Personal Data Matter? Proceedings of the Thirteenth Symposium on Usable Privacy and Security (SOUPS), pp. 339-355. Acceptance rate = 26.5%. Open Access
  35. Bidgoli, M. & Grossklags, J. (2017) “Hello. This is the IRS calling.”: A Case Study on Scams, Extortion, Impersonation, and Phone Spoofing. Proceedings of the 2017 APWG Symposium on Electronic Crime Research (eCrime), pp. 57-69. Best Paper Honorable Mention Award. Author Version Publisher Site
  36. Nochenson, A. & Grossklags, J. (2017) I Didn’t Want That! An Experiment on Interventions for Deceptive Post-Transaction Marketing. Workshop on Technology and Consumer Protection (ConPro). Papers are available on the workshop website. Open Access
  37. Pu, Y. & Grossklags, J. (2016) Sharing Is Caring, or Callous? Proceedings of the International Conference on Cryptology and Network Security (CANS), pp. 670-680. Publisher Site
  38. Farhang, S. & Grossklags, J. (2016) FlipLeakage: A game-theoretic approach to protect against stealthy attackers in the presence of information leakage. Proceedings of the Seventh Conference on Decision and Game Theory for Security (GameSec), pp. 195-214. Publisher Site
  39. Bidgoli, M., Knijnenburg, B., & Grossklags, J. (2016) When cybercrimes strike undergraduates. Proceedings of the 2016 APWG Symposium on Electronic Crime Research (eCrime), pp. 42-51. Best Paper Award. Author Version Publisher Site
  40. Zhao, M., Laszka, A., Maillart, T., & Grossklags, J. (2016) Crowdsourced Security Vulnerability Discovery: Modeling and Organizing Bug-Bounty Programs. HCOMP Workshop on Mathematical Foundations of Human Computation. Papers are available on the workshop website. Author Version
  41. Laszka, A., Zhao, M., & Grossklags, J. (2016) Banishing Misaligned Incentives for Validating Reports in Bug-Bounty Platforms. Proceedings of the 21th European Symposium on Research in Computer Security (ESORICS), pp. 161-178. Conference held September 26-30, 2016, in Heraklion, Greece. Publisher Site
  42. Maillart, T., Zhao, M., Grossklags, J., & Chuang, J. (2016) Given Enough Eyeballs, All Bugs Are Shallow? Revisiting Eric Raymond with Bug Bounty Programs. Workshop on the Economics of Information Security (WEIS). Papers are available on the workshop website. Updated version available as journal paper.
  43. Bidgoli, M. & Grossklags, J. (2016) End User Cybercrime Reporting: What We Know and What We Can Do to Improve It. Proceedings of the 4th International Conference on Cybercrime and Computer Forensics (ICCCF). (6 pages). Conference held June 12-14, 2016, in Vancouver, Canada. Author Version Publisher Site
  44. Pu, Y. & Grossklags, J. (2015) Using Conjoint Analysis to Investigate the Value of Interdependent Privacy in Social App Adoption Scenarios. Proceedings of the International Conference on Information Systems (ICIS 2015). Conference held December 12-16, 2015, in Fort Worth, TX. Publisher Site
  45. Johnson, B., Laszka, A., & Grossklags, J. (2015). Games of Timing for Security in Dynamic Environments. Proceedings of the Sixth Conference on Decision and Game Theory for Security (GameSec). (17 pages). Conference held November 4-5, 2015, in London, UK. Publisher Site
  46. Zhao, M., Grossklags, J., & Liu, P. (2015). An Empirical Study of Web Vulnerability Discovery Ecosystems. Proceedings of the 22nd ACM Conference on Computer and Communications Security (CCS), pp. 1105-1117. Acceptance rate = 19.8%. Conference held October 12-16, 2015, in Denver, CO. Free Access (ACM Authorizer)
  47. Chessa, M., Grossklags, J., & Loiseau, P. (2015). A Game-Theoretic Study on Non-Monetary Incentives in Data Analytics Projects with Privacy Implications. Proceedings of the 28th IEEE Computer Security Foundations Symposium (CSF), pp. 90-104. Conference held July 13-17, 2015, in Verona, Italy. Publisher Site
  48. Laszka, A., & Grossklags, J. (2015) Should Cyber-Insurance Providers Invest in Software Security? Proceedings of the 20th European Symposium on Research in Computer Security (ESORICS), pp. 483-502. Acceptance rate < 20%. Conference held January 21–25, 2015, in Vienna, Austria. Publisher Site
  49. Chessa, M., Grossklags, J., & Loiseau, P. (2015). A Short Paper on the Incentives to Share Private Information for Population Estimates. Proceedings of the Nineteenth International Conference on Financial Cryptography and Data Security (FC), pp. 427-436. Acceptance rate = 32.3%. Conference held January 26–30, 2015, in San Juan, Puerto Rico. Publisher Site
  50. Johnson, B., Laszka, A., & Grossklags, J. (2015). When Bitcoin Mining Pools Run Dry: A Game-Theoretic Analysis of the Long-Term Impact of Attacks Between Mining Pools. Proceedings of the Nineteenth International Conference on Financial Cryptography and Data Security, 2nd Workshop on Bitcoin Research. (pp. 15 pages). Conference and workshop held January 26–30, 2015, in San Juan, Puerto Rico. Publisher Site
  51. Zhao, M., Grossklags, J., & Chen, K. (2014). An Exploratory Study of White Hat Behaviors in a Web Vulnerability Disclosure Program. Proceedings of the 21st ACM Conference on Computer and Communications Security; CCS Workshop on Security Information Workers, pp. 51-58. Workshop held November 7, 2014, in Scottsdale, AZ. Free Access (ACM Authorizer)
  52. Pu, Y., & Grossklags, J. (2014). An Economic Model and Simulation Results of App Adoption Decisions on Networks with Interdependent Privacy Consequences. Proceedings of the Fifth Conference on Decision and Game Theory for Security (GameSec), pp. 246-265. Conference held November 6-7, 2014, Los Angeles, CA. Publisher Site
  53. Grossklags, J. & Reitter, D. (2014). How Task Familiarity and Cognitive Predispositions Impact Behavior in a Security Game of Timing. Proceedings of the 27th IEEE Computer Security Foundations Symposium (CSF), pp. 111-122. Acceptance rate = 34.9%. Conference held July 19-22, 2014, in Vienna, Austria. Publisher Site
  54. Laszka, A., Johnson, B., & Grossklags, J. (2014). The Complexity of Estimating Systematic Risk in Networks. Proceedings of the 27th IEEE Computer Security Foundations Symposium (CSF), pp. 325-336. Acceptance rate = 34.9%. Conference held July 19-22, 2014, in Vienna, Austria. Publisher Site
  55. Grossklags, J. & Barradale, N. (2014). Social Status and the Demand for Security and Privacy. Proceedings of the 14th Privacy Enhancing Technologies Symposium (PETS), pp. 83-101. Acceptance rate = 18.6%. Conference held July 16-18, 2014, in Amsterdam, the Netherlands. Publisher Site
  56. Nochenson, A. & Grossklags, J. (2014). An Online Experiment on Consumers' Susceptibility to Fall for Post-Transaction Marketing Scams. Proceedings of the 22nd European Conference on Information Systems (ECIS 2014). (15 pages). Acceptance rate = 34.3%. Conference held June 9-11, 2014, in Tel Aviv, Israel. Author Version Publisher Site
  57. Xu, H., Wang, N., Wisniewski, P., & Grossklags, J. (2014). Default and Context: Investigating Facebook Users’ Privacy Perceptions and Behaviors of Installing Third-Party Apps. Workshop on the Future of Privacy Notice and Choice (FOPNAC). Workshop held June 27, 2014, in Pittsburgh, PA. Position paper. Papers are available on the workshop website. Open Access
  58. Laszka, A., Johnson, B., & Grossklags, J. (2014). How many down? Toward understanding system-wide network risk. Proceedings of the 9th ACM Symposium on Information, Computer and Communications Security (AsiaCCS), pp. 495-500. Acceptance rate = 20.0%. Conference held June 4-6, 2014, in Kyoto, Japan. Free Access (ACM Authorizer)
  59. Laszka, A., Johnson, B., Grossklags, J., & Felegyhazi, M. (2014). Estimating Systematic Risk in Real-World Networks. Proceedings of the Eighteenth International Conference on Financial Cryptography and Data Security (FC), pp. 417-435. Acceptance rate = 13.8% (for full papers). Conference held March 3-7, 2014, in Christ Church, Barbados. Publisher Site
  60. Johnson, B., Laszka, A., Grossklags, J., Vasek, M., & Moore, T. (2014). Game-Theoretic Analysis of DDoS Attacks Against Bitcoin Mining Pools. Proceedings of the Eighteenth International Conference on Financial Cryptography and Data Security, 1st Workshop on Bitcoin Research, pp. 72-86. Conference held March 3-7, 2014, in Christ Church, Barbados. Publisher Site
  61. Wang, N., Wisniewski, P., Xu, H., & Grossklags, J. (2014). Designing the Default Privacy Settings for Facebook Applications. Proceedings of the 17th ACM Conference on Computer Supported Cooperative Work and Social Computing (CSCW), Poster Papers, pp. 249-252. Conference held July 11-14, 2013, in Baltimore, Maryland. Free Access (ACM Authorizer)
  62. Laszka, A., Johnson, B., & Grossklags, J. (2013). Mitigating Covert Compromises: A Game-Theoretic Model of Targeted and Non-Targeted Covert Attacks. Proceedings of the 9th Conference on Web and Internet Economics (WINE), pp. 319-332. Acceptance rate = 24.0%. Conference held December 11 - 14, 2013, in Cambridge, MA. Author Version (and Technical Appendix) Publisher Site
  63. Böhme, R., & Grossklags, J. (2013). Trading Agent Kills Market Information: Evidence from Online Social Lending. Proceedings of the 9th Conference on Web and Internet Economics (WINE), pp. 68-81. Acceptance rate = 24.0%. Conference held December 11 - 14, 2013, in Cambridge, MA. Author Version Publisher Site
  64. Nochenson, A., Grossklags, J., & Lambert, K. (2013). Conducting an Internet Measurement Project in an Interdisciplinary Class Context: A Case Study. Proceedings of the 6th International Conference of Education, Research and Innovation, pp. 6938-6947. Conference held November 18 - 20, 2013, in Seville, Spain. Author Version Publisher Site
  65. Laszka, A., Johnson, B., & Grossklags, J. (2013). Mitigation of Targeted and Non-Targeted Covert Attacks as a Timing Game. Proceedings of the Fourth Conference on Decision and Game Theory for Security (GameSec), pp. 175-191. Conference held November 11-12, 2013, in Fort Worth, TX. Author Version Publisher Site
  66. Johnson, B., Schöttle, P., Laszka, A., Grossklags, J., & Böhme, R. (2013). Bitspotting: Detecting Optimal Adaptive Steganography. Proceedings of the 12th International Workshop on Digital-Forensics and Watermarking, pp. 3-18. Workshop held October 1 - 4, 2013, in Auckland, New Zealand. Author Version Publisher Site
  67. Schöttle, P., Johnson, B., Laszka, A., Grossklags, J., & Böhme, R. (2013). A Game-Theoretic Analysis of Content-Adaptive Steganography with Independent Embedding. Proceedings of the 21st European Signal Processing Conference (EUSIPCO). Conference held September 9 - 13, 2013, in Marrakech, Marocco. Author Version Publisher Site
  68. Laszka, A., Johnson, B., Schöttle, P., Grossklags, J., & Böhme, R. (2013). Managing the Weakest Link: A Game-Theoretic Approach for the Mitigation of Insider Threats. Proceedings of the 18th European Symposium on Research in Computer Security (ESORICS), pp. 273-290. Acceptance rate = 17.8%. Conference held September 9 - 13, 2013, in Egham, UK. Author Version Publisher Site
  69. Reitter, D., Grossklags, J., & Nochenson, A. (2013). Risk-Seeking in a Continuous Game of Timing. Proceedings of the 12th International Conference on Cognitive Modeling (ICCM), pp. 397-403. Conference held July 11-14, 2013, in Ottawa, Canada. Author Version Publisher Site
  70. Nochenson, A., & Grossklags, J. (2013). A Behavioral Investigation of the FlipIt Game. Workshop on the Economics of Information Security (WEIS). (18 pages). Workshop held June 11-12, 2013, in Washington, D.C. Author Version Open Access
  71. Wang, N., Grossklags, J., & Xu, H. (2013). An Online Experiment of Privacy Authorization Dialogues for Social Applications. Proceedings of the 16th ACM Conference on Computer Supported Cooperative Work and Social Computing (CSCW 2013), pp. 261-272. Acceptance rate 35.6%. Conference held May 20-23, in San Antonio, TX. Author Version Free Access (ACM Authorizer)
  72. Xu, H., Wang, N., & Grossklags, J. (2013). Translating IUIPC into Design: The Case of Third-Party Applications on Facebook. Workshop on Measuring Networked Social Privacy: Qualitative & Quantitative Approaches, at the 16th ACM Conference on Computer Supported Cooperative Work and Social Computing (CSCW). Author Version Open Access
  73. Xu, H., Grossklags, J., & Wang, N. (2012). Privacy-by-ReDesign: Alleviating Privacy Concerns for Third-Party Applications. Proceedings of the International Conference on Information Systems (ICIS). Acceptance rate = 29.2%. Conference held December 16 - 19, 2012, in Orlando, Florida. Author Version Publisher Site 
  74. Vratonjic, N., Manshaei, M., Grossklags, J., & Hubaux, J.-P. (2012). Ad-blocking Games: Monetizing Online Content Under the Threat of Ad Avoidance. Proceedings of the 11th Workshop on the Economics of Information Security (WEIS). Papers are available on the workshop website.
  75. Johnson, B., Chuang, J., Grossklags, J., & Christin, N. (2012). Metrics for Measuring ISP Badness: The Case of Spam. Proceedings of the Sixteenth International Conference on Financial Cryptography and Data Security (FC), pp. 89-97. Acceptance rate = 26.1%. Conference held February 27 - March 2, 2012, in Kralendijk, Bonaire. Author Version Publisher Site
  76. Wang, N., Xu, H., & Grossklags, J. (2011). Third-Party Apps on Facebook: Privacy and the Illusion of Control. Proceedings of the ACM Symposium on Computer Human Interaction for Management of Information Technology (CHIMIT). (10 pages). Conference held December 4-5, 2011, in Boston, MA. Author Version Free Access (ACM Authorizer)
  77. Johnson, B., Böhme, R., & Grossklags, J. (2011). Security Games with Market Insurance. Proceedings of the Second Conference on Decision and Game Theory for Security (GameSec), pp. 117-130. Conference held November 14-15, 2011, in College Park, MD. Author Version Publisher Site
  78. Böhme, R., & Grossklags, J. (2011). The Security Cost of Cheap User Interaction. Proceedings of the Fourteenth New Security Paradigms Workshop (NSPW), pp. 67-82. Acceptance rate = 38%. Workshop held September 12-15, 2011, in Marin County, CA. Free Access (ACM Authorizer)
  79. Böhme, R., & Grossklags, J. (2011). Vanishing Signals: Trading Agent Kills Market Information (Evidence from a Natural Experiment in Online Social Lending). Proceedings of the 6th Workshop on the Economics of Networks, Systems and Computation (NetEcon). Acceptance rate = 35%. Workshop held June 6, 2011, in San Jose, CA.
  80. Grossklags, J., Appel, L., & Bridges, F. (2011). Young Adults and Online Political Participation: Search Strategies and the Role of Social Media. Proceedings of the 12th International Digital Government Research Conference (dg.o 2011), pp. 302-306. Conference held June 12-15, 2011, in College Park, MD. Author Version Free Access (ACM Authorizer)
  81. Johnson, B., Grossklags, J., Christin, N., & Chuang, J. (2011). Nash Equilibria for Weakest Target Security Games with Heterogeneous Agents. Proceedings of the 2nd International ICST Conference on Game Theory for Networks (GameNets), pp. 444-458. Conference held April 16-18, 2011, in Shanghai, China. Author Version Publisher Site
  82. Christin, N., Egelman, S., Vidas, T., & Grossklags, J. (2011). It's All About the Benjamins: An Empirical Study on Incentivizing Users to Ignore Security Advice. Proceedings of the Fifteenth International Conferencce on Financial Cryptography and Data Security (FC), pp. 16-30. Acceptance rate = 20%. Conference held February 28 - March 4, 2011, in Rodney Bay, St. Lucia. Author Version Publisher Site
  83. Johnson, B., Grossklags, J., Christin, N., & Chuang, J. (2010). Uncertainty in Interdependent Security Games. Proceedings of the 1st Conference on Decision and Game Theory for Security (GameSec), pp. 234-244. Acceptance rate = 33.0%. Conference held November 22-23, 2010, in Berlin, Germany. Author Version Publisher Site
  84. Johnson, B., Grossklags, J., Christin, N., & Chuang, J. (2010). Are Security Experts Useful? Bayesian Nash Equilibria for Network Security Games with Limited Information. Proceedings of the 15th European Symposium on Research in Computer Security (ESORICS), pp. 588-606. Paper acceptance rate: 20.8%. Conference held September 20-22, 2010, in Athens, Greece. Author Version Publisher Site
  85. Grossklags, J., Radosavac, S., Cardenas, A., & Chuang, J. (2010). Nudge: Intermediaries' Role in Interdependent Network Security. Proceedings of the Third International Conference on Trust and Trustworthy Computing (TRUST 2010), pp. 323-336. Conference held June 21-23, 2010, in Berlin, Germany. Publisher Site [Complementary poster paper at SAC 2010: Free Access (ACM Authorizer)]
  86. Grossklags, J., Johnson, B., & Christin, N. (2010). When Information Improves Information Security. Proceedings of the Fourteenth International Conference Financial Cryptography and Data Security (FC), pp. 416-423. Acceptance rate = 26.1%. Conference held January 25-28, 2010, in Tenerife, Spain. Author Version (Extended) Publisher Site
  87. Grossklags, J., Johnson, B., & Christin, N. (2009). The Price of Uncertainty in Security Games. Proceedings of the Eighth Workshop on the Economics of Information Security (WEIS). Workshop held June 24-25, 2009, in London, UK. Author Version
  88. Grossklags, J., & Johnson, B. (2009). Uncertainty in the Weakest-link Security Game. Proceedings of the International Conference on Game Theory for Networks (GameNets), pp. 673-682. Conference held May 13-15, 2009, in Istanbul, Turkey. Author Version Publisher Site
  89. Fultz, N., & Grossklags, J. (2009). Blue versus Red: Towards a Model of Distributed Security Attacks. Proceedings of the Thirteenth International Conference Financial Cryptography and Data Security (FC), pp. 167-183. Acceptance rate = 22%. Conference held February 23 - 26, 2009, in Christ Church, Barbados. Author Version Publisher Version
  90. Grossklags, J., Christin, N., & Chuang, J. (2008). Security and Insurance Management in Networks with Heterogeneous Agents. Proceedings of the 9th ACM Conference on Electronic Commerce (EC), pp. 160-169. Acceptance rate = 19%. Conference held July 8 - 12, 2008, in Chicago, IL. Author Version Free Access (ACM Authorizer)
  91. Grossklags, J., Christin, N., & Chuang, J. (2008). Predicted and Observed User Behavior in the Weakest-Link Security Game. Proceedings of the 2008 USENIX Workshop on Usability, Psychology, and Security (UPSEC'08). (6 pages). Conference held April 14, 2008, in San Francisco, CA. Author Version
  92. Grossklags, J., Christin, N., & Chuang, J. (2008). Secure or Insure? A Game-Theoretic Analysis of Information Security Games. Proceedings of the 17th International World Wide Web Conference (WWW), pp. 209-218. Acceptance Rate = 11% (for full papers). Conference held April 21 - 25, 2008, in Beijing, China. Author Version Free Access (ACM Authorizer)
  93. Grossklags, J. (2007). Experimental Economics and Experimental Computer Science: A Survey. Proceedings of the Workshop on Experimental Computer Science (ExpCS'07). (11 pages). Workshop held June 13-14. 2007, in San Diego, CA. Author Version Free Access (ACM Authorizer)
  94. Grossklags, J., & Acquisti, A. (2007). When 25 Cents is Too Much: An Experiment on Willingness-To-Sell and Willingness-To-Protect Personal Information. Sixth Workshop on the Economics of Information Security (WEIS). (22 pages). Conference held June 7- 8, 2007, in Pittsburgh, PA. Papers are available on the workshop website. Author Version
  95. Good, N., Grossklags, J., Mulligan, D., & Konstan, J. (2007). Noticing Notice: A Large-Scale Experiment on the Timing of Software License Agreements. Proceedings of the ACM Conference on Human Factors in Computing Systems (CHI), pp. 607-616. Acceptance Rate = 25%. Conference held April 28 - May 3, 2007, in San Jose, CA. Author Version Free Access (ACM Authorizer)
  96. Grossklags, J., & Good, N. (2007). Empirical Studies on Software Notices to Inform Policy Makers and Usability Designers. Proceedings of the Workshop on Usable Security (USEC), pp. 341-355. Published in Proceedings of the Eleventh International Conference Financial Cryptography and Data Security (FC), Lecture Notes in Computer Science (LNCS), No. 4886, Springer Verlag. Conference held February 15-16, 2007, in Scarborough, Trinidad/Tobago.
  97. Good, N., Dhamija, R., Grossklags, J., Aronovitz, S., Thaw, D., Mulligan, D., & Konstan, J. (2005). Stopping Spyware at the Gate: A User Study of Privacy, Notice and Spyware. Proceedings of the Symposium on Usable Privacy and Security (SOUPS), pp. 43-52. Acceptance Rate = 26%. Conference held July 6-8, 2005, in Pittsburgh, PA. Author Version Free Access (ACM Authorizer)
  98. Acquisti, A., & Grossklags, J. (2005). Uncertainty, Ambiguity and Privacy. Workshop Economics and Information Security (WEIS). Workshop held June 2-3, 2005, in Boston, MA. Papers are available on the workshop website.
  99. Christin, N., Grossklags, J., & Chuang, J. (2004). Near rationality and competitive equilibria in networked systems. Proceedings of the SIGCOMM Workshop on Practice and Theory of Incentives in Networked Systems (PINS), pp. 213-219. Acceptance Rate = 25%. Workshop held August 30 - September 3, 2004, in Portland, OR. Author Version Free Access (ACM Authorizer)
  100. Acquisti, A., & Grossklags, J. (2004). Privacy and Rationality: Preliminary Evidence from Pilot Data. Workshop Economics and Information Security (WEIS). Workshop held May 13-14, 2004, Minneapolis, Minnesota. Papers are available on the workshop website.
  101. Grossklags, J., & Schmidt, C. (2003). Artificial Software Agents on Thin Double Auction Markets: A Human Trader Experiment. Proceedings of the 2003 IEEE/WIC International Conference on Intelligent Agent Technology (IAT), pp. 400-407. Acceptance Rate = 23%. Conference held October 13-17, 2003, in Halifax, Canada. Author Version Publisher Version
  102. Acquisti, A., & Grossklags, J. (2003). Losses, Gains, and Hyperbolic Discounting: An Experimental Approach to Information Security Attitudes and Behavior. Workshop Economics and Information Security (WEIS). Conference held May 29-30, 2003, in College Park, MD. Papers are available on the workshop website. Author Version
  103. Ghose, A., Grossklags, J., & Chuang, J. (2003). Resilient Data-Centric Storage in Wireless Ad-Hoc Sensor Networks. Proceedings of the 4th International Conference on Mobile Data Management (MDM), sponsored by ACM SIGMOD, ACM SIGMOBILE and the Australian Computer Society/ACS, pp. 45-62. Best paper award (87 submissions). Acceptance rate = 24%. Conference held 21-24 January, 2003, in Melbourne, Australia. Author Version Publisher Version
  104. Spiekermann, S., Grossklags, J., & Berendt, B. (2001). E-privacy in 2nd Generation E-Commerce: Privacy Preferences Versus Actual Behavior. Proceedings of the Third ACM Conference on Electronic Commerce (EC), pp. 38-47. Acceptance Rate < 20%. Conference held October 14-17, in Tampa, FL. Author Version Free Access (ACM Authorizer)
  105. Spiekermann, S., Grossklags, J., & Berendt, B. (2001). Stated Privacy Preferences versus Actual Behaviour in EC environments: A Reality Check. Proceedings of the 5th International Conference Wirtschaftsinformatik (Business Informatics) - 3rd Conference Information Systems in Finance (WI-IF 2001), pp. 129-148. Best Paper Award. Conference held September 19-21, 2001, in Augsburg, Germany. Author Version Publisher Version
  106. Grossklags, J., & Schmidt, C. (2000). Dumb Software Agents on Experimental Electronic Markets. Proceedings of Informatiktage 2000 (Fachwissenschaftlicher Informatik-Kongress).  Conference held October 27-28, 2000, in Bad Schussenried, Germany. Author Version (Extended Working Paper)

Book Chapters

  1. Vratonjic, N., Manshaei, M., Grossklags, J., & Hubaux, J.-P. (2013) Ad-blocking Games: Monetizing Online Content Under the Threat of Ad Avoidance, In R. Böhme (Ed.), The Economics of Information Security and Privacy, pp. 49-73. Springer Verlag. Author Version Publisher Version
  2. Grossklags, J., Johnson, B., & Christin, N. (2010). The Price of Uncertainty in Security Games. In T. Moore, D. Pym, C. Ioannidis (Eds.), Economics of Information Security and Privacy, pp. 9-32. New York/Dordrecht/Heidelberg/London: Springer. Lead article.
  3. Christin, N., Chuang, J., & Grossklags, J. (2008). Economics-Informed Design of Content Delivery Networks. In R. Buyya, A. Pathan, A. Vakali (Eds.), Content Delivery Networks: Principles and Paradigms, pp. 183-210. New York/Dordrecht/Heidelberg/London: Springer.
  4. Acquisti, A., & Grossklags, J. (2007). What Can Behavioral Economics Teach Us About Privacy? In A. Acquisti, S. Gritzalis, C. Lambrinoudakis, S. Di Vimercati (Eds.), Digital Privacy: Theory, Technologies, and Practices, pp. 363-379. Boca Raton: Auerbach Publications.
  5. Good, N., Dhamija, R., Grossklags, J., Aronovitz, S., Thaw, D., Mulligan, D., & Konstan, J. (2007). Stopping Spyware at the Gate: A User Study of Privacy, Notice and Spyware. Spyware - An Insight, pp. 81-109. Andhra Pradesh: Icfai University Press. Reprint of conference publication.
  6. Acquisti, A., & Grossklags, J. (2005). Privacy and Rationality: Theory and Evidence. In K. Strandburg, D. Raicu (Eds.), Privacy and Technologies of Identity: A Cross-Disciplinary Conversation, pp. 15-29. New York/Dordrecht/Heidelberg/London: Springer.
  7. Acquisti, A., & Grossklags, J. (2004). Privacy Attitudes and Privacy Behavior: Losses, Gains, and Hyperbolic Discounting. In Jean Camp and Stephen Lewis (Eds.), The Economics of Information Security, pp. 165-178. Boston/Dordecht/London: Kluwer Academic Publishers.