Dominik Wermke

Analyzing Security and Privacy Advice During the 2022 Russian Invasion of Ukraine on Twitter

Schmüser, J., Ramulu, H. S., Wöhler, N., Stransky, C., Bensmann, F., Dimitrov, D., … Fahl, S. (2024, May 11).

Decomposing and Measuring Trust in Open-Source Software Supply Chains

2024 IEEE/ACM 46TH INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING: NEW IDEAS AND EMERGING RESULTS, ICSE-NIER 2024, pp. 57–61.

"Always Contribute Back": A Qualitative Study on Security Challenges of the Open Source Supply Chain

In Proceedings of the 44th IEEE Symposium on Security and Privacy (S&P’23).

A Viewpoint on Human Factors in Software Supply Chain Security: A Research Agenda

IEEE SECURITY & PRIVACY, 21(6), 59–63.

Developers' Approaches to Software Supply Chain Security: An Interview Study

Sammak, R., Rotthaler, A. L., Ramulu, H. S., Wermke, D., & Acar, Y. (2023, November 19).

It's like flossing your teeth: On the Importance and Challenges of Reproducible Builds for Software Supply Chain Security

2023 IEEE SYMPOSIUM ON SECURITY AND PRIVACY, SP, pp. 1527–1544.

It’s like flossing your teeth: On the Importance and Challenges of Reproducible Builds for Software Supply Chain Security

In Proceedings of the 44th IEEE Symposium on Security and Privacy (S&P'23).

Pushed by Accident: A Mixed-Methods Study on Strategies of Handling Secret Information in Source Code Repositories

32nd USENIX Security Symposium (USENIX Security 23), 2527–2544. https://www.usenix.org/conference/usenixsecurity23/presentation/krause

Committed to Trust: A Qualitative Study on Security & Trust in Open Source Software Projects

Committed to Trust: A Qualitative Study on Security & Trust in Open Source Software Projects. 43rd IEEE Symposium on Security and Privacy (IEEE S&P 2022).

If You Can’t Get Them to the Lab: Evaluating a Virtual Study Environment with Security Information Workers

Eighteenth Symposium on Usable Privacy and Security (SOUPS 2022).

A Large-Scale Interview Study on Information Security in and Attacks against Small and Medium-sized Enterprises

30th USENIX Security Symposium (USENIX Security 21).

Never ever or no matter what: Investigating Adoption Intentions and Misconceptions about the Corona-Warn-App in Germany

In Proceedings of Seventeenth Symposium on Usable Privacy and Security (SOUPS 2020).

On the Limited Impact of Visualizing Encryption: Perceptions of E2E Messaging Security

Seventeenth Symposium on Usable Privacy and Security (SOUPS 2021), 437–454.

Cloudy with a Chance of Misconceptions: Exploring Users’ Perceptions and Expectations of Security and Privacy in Cloud Office Suites

Sixteenth Symposium on Usable Privacy and Security (SOUPS 2020), 359–377.

Replication: Do We Snooze If We Can’t Lose? Modelling Risk with Incentives in Habituation User Studies

Workshop on Usable Security (USEC) 2019.

A Large Scale Investigation of Obfuscation Use in Google Play

Proceedings of the 34th Annual Computer Security Applications Conference (ACSAC '18), 222–235.

Developers Deserve Security Warnings, Too: On the Effect of Integrated Security Advice on Cryptographic API Misuse

USENIX Symposium on Usable Privacy and Security (SOUPS) 2018, 265–281.

A stitch in time: Supporting android developers in writing secure code

Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, 1065–1077.

Developers need support, too: A survey of security advice for software developers

2017 IEEE Cybersecurity Development (SecDev), 22–26.

Lessons learned from using an online platform to conduct large-scale, online controlled security experiments with software developers

10th USENIX Workshop on Cyber Security Experimentation and Test (CSET 17).

Security developer studies with github users: Exploring a convenience sample

USENIX Symposium on Usable Privacy and Security (SOUPS) 2017, 81–95.