A tighter bound for the self-stabilization time in Herman's algorithm. Information processing letters. 113:486–488.. 2013.
On thinging things and serving services: technological mediation and inseparable goods. Ethics and information technology. 15:195–208.. 2013.
Socio-Technical Security Metrics (Dagstuhl Seminar 14491). Dagstuhl Reports. 4:1–28.. 2015.
Security-by-Experiment: Lessons from Responsible Deployment in Cyberspace. Science and Engineering Ethics. N/A. 2016.
Security-by-Experiment: Lessons from Responsible Deployment in Cyberspace. Science and Engineering Ethics. N/A. 2015.
Security analysis of socio-technical physical systems. Computers & Electrical Engineering. online. 2015.
Reconciling Malicious and Accidental Risk in Cyber Security. Journal of Internet Services and Information Security. 4:4–26.. 2014.
Reachability-based impact as a measure for insiderness. Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications. 4:38–48.. 2013.
Quantitative Penetration Testing with Item Response Theory. Journal of Information Assurance and Security. 9:118–127.. 2014.
Probabilistic reasoning with graphical security models. Information sciences. 342:111–131.. 2016.
Priming and warnings are not effective to prevent social engineering attacks. Computers in Human Behavior. 66:75–87.. 2017.
The persuasion and security awareness experiment: reducing the success of social engineering attacks. Journal of Experimental Criminology. 11:97–115.. 2015.
The Navigation Metaphor in Security Economics. IEEE Security & Privacy. 14:14–21.. 2016.