Publications

Refereed Journals

  • A. Ekelhart, E. Kiesling, B. Grill, C. Strauss, C. Stummer Selecting Security Control Portfolios: A Multi-Objective Simulation-Optimization Approach. EURO Journal on Decision Processes, in press, 2016. DOI: 10.1007/s40070-016-0055-7. [PDF]
  • A. Ekelhart, E. Kiesling, B. Grill, C. Strauss, C. Stummer Integrating attacker behavior in IT security analysis: a discrete-event simulation approach Information Technology and Management, September 2015, Vol 16(3) 2015 p. 221-233, DOI: 10.1007/s10799-015-0232-6.
    [PDF]

    • Conference Proceedings

  • Grill B., Ekelhart A., Kiesling E., Strauss C., and Stummer C. (2015) Multi-objective evolutionary optimization of computation-intensive simulations - The case of security control selection", In: Proceedings of the 11th Metaheuristics International Conference (MIC 2015).
    [PDF]
  • Ekelhart A., Grill B., Kiesling E., Strauss C., Stummer C. (2014) "Komplexe Systeme, heterogene Angreifer und vielfältige Abwehrmechanismen: Simulationsbasierte Entscheidungsunterstützung im IT-Sicherheitsmanagement", In: Katzenbeisser S., Lotz V., and Weippl E. (eds.) Sicherheit 2014 - Sicherheit, Schutz und Zuverlässigkeit, Beiträge der 7. Jahrestagung des Fachbereichs Sicherheit der Gesellschaft für Informatik e.V.(GI). Lecture Notes in Informatics (LNI) GI-Edition, Vol P-228, Gesellschaft für Informatik Bonn, 2014, ISBN 978-3-88579-622-0, ISSN 1617-5468, p. 345-361.
    [PDF| Online-Supplement Input-Files]
  • Kiesling E., Ekelhart A., Grill B., Strauss C., and Stummer C. (2013) "Evolving secure information systems through attack simulation", In: Proceedings of the Hawaii International Conference on System Sciences (HICSS-47). IEEE Computer Society Digital Library, pp. 4868-4877, DOI: 10.1109/HICSS.2014.597
    [PDF]
  • Kiesling E., Ekelhart A., Grill B., Strauss C., and Stummer C. (2013) "Simulation-based optimization of Information security controls: An adversary-centric approach", In: Pasupathy R., Kim S.-H., Tolk A., Hill R., Kuhl M.E. (eds). Proceedings of the Winter Simulation Conference (WSC 2013), pp. 2054-2065, DOI: 10.1109/WSC.2013.6721583.
    [PREPRINT]
  • Kiesling E., Ekelhart A., Grill B., Strauss C., and Stummer C. (2013), "Simulation-based optimization of IT security controls: Initial experiences with metaheuristic solution procedures", In: 14th EU/ME Workshop, Hamburg.
    [Extended abstract]
  • Kiesling E., Strauss C., and Stummer C. (2012), "A multi-objective decision support framework for simulation-based security control selection", In: Proceedings of the Seventh International Conference on Availability, Reliability and Security (ARES 2012), Prague, pp. 454–462, DOI: 10.1109/ARES.2012.70.
    [PREPRINT]

    • Talks

  • Grill B., Ekelhart A., Kiesling E., Strauss C., and Stummer C. (2015) "Multi-objective evolutionary optimization of computation-intensive simulations - The case of security control selection", 11th Metaheuristics International Conference (MIC 2015).
    [Slides]
  • Ekelhart A., Grill B., Kiesling, E., Strauss C., and Stummer C. (2014) "Komplexe Systeme, heterogene Angreifer und vielfältige Abwehrmechanismen: Simulationsbasierte Entscheidungsunterstützung im IT-Sicherheitsmanagement", 6. GI-Sicherheit Fachtagung, Vienna, Austria, March 19-21.
    [Slides]
  • Kiesling E., Ekelhart A., Grill B., Stummer C., and Strauss C. (2014), "Evolving Secure Information Systems through Attack Simulation", 47th Hawaii International Conference on System Science, Hawaii, USA, Jan 6-9.
    [Slides]
  • Kiesling E., Ekelhart A., Grill B., Strauss C., and Stummer C. (2013), "Simulation-based optimization of information security controls: An adversary-centric approach", 2013 Winter Simulation conference, Washington, D.C., USA, Dec 8-11.
    [Slides]
  • Kiesling E., Ekelhart A., Grill B., Strauss C., and Stummer C. (2013) "A simulation-optimization approach for information security risk management", International Conference on Operations Research (OR 2013), Rotterdam, Netherlands, Sept. 3-6.
    [Slides]
  • Kiesling E., Ekelhart A., Grill B., Strauss C., and Stummer C. (2013) "Multi-objective decision support for IT security control selection", EURO-INFORMS European Conference on Operational Research (EURO XXVI), Rome, Italy, July 1-4.
    [Slides]
  • Kiesling E., Ekelhart A., Grill B., Strauss C., and Stummer C. (2013) "Simulation-based optimization of IT security controls: Initial experiences with metaheuristic solution procedures", 14th Workshop of the EURO Working Group on Metaheuristics (EU/ME), Hamburg, Germany, Feb. 28 - Mar. 01.
    [Slides]
  • Kiesling E., Strauss C., and Stummer C. (2012) "A multi-objective decision support framework for simulation-based security control selection", Seventh International Conference on Availability, Reliability and Security (ARES 2012), Prague, Czech Republic, Aug. 20-24.
    [Slides]