Stephan Wiefling
emailstephan.wiefling (a) th-koeln.de
twitterswiefling
researchgateStephan Wiefling
linkedinStephan Wiefling

About

I’m a PhD student in IT Security (Data- and Application Security Group, TH Köln) supervised by Luigi Lo Iacono and Markus Dürmuth. My current research spans areas of Authentication and Usability. Among other things, I am researching how to improve the security of passwords without reducing usability.

I also co-wrote the book “Programmieren trainieren” (Exercise programming) which was released in the Hanser Verlag.

Research interests

  • Risk-based Authentication
  • Usable Security
  • Mobile Authentication
  • Usable Passwords
  • Developer-Centered Security
  • Human-Computer-Interaction (HCI)

Awards

Best Graduate of the Year 2018/2019, Master Media Technology
Granted by: TH Köln - University of Applied Sciences
RISE Germany Scholarship 2019
Granted by: German Academic Exchange Service (DAAD)

Selected Publications


Even Turing Should Sometimes Not Be Able To Tell: Mimicking Humanoid Usage Behavior for Exploratory Studies of Online Services ()
and 24th Nordic Conference on Secure IT Systems (NordSec 2019). Springer Nature.
PDF PDF [Publisher] Slides Website
@inproceedings{article_nordsec2019_wiefling,
  title = {Even {Turing} {Should} {Sometimes} {Not} {Be} {Able} {To} {Tell}: {Mimicking} {Humanoid} {Usage} {Behavior} for {Exploratory} {Studies} of {Online} {Services}},
  booktitle = {24th {Nordic} {Conference} on {Secure} {IT} {Systems} ({NordSec} 2019)},
  series = { {Lecture} {Notes} in {Computer} {Science}},
  author = {Wiefling, Stephan and Gruschka, Nils and Lo Iacono, Luigi},
  volume = {11875},
  pages = {188--203},
  isbn = {978-3-030-35055-0},
  doi = {10.1007/978-3-030-35055-0_12},
  publisher = {Springer Nature},
  location = {Aalborg, Denmark},
  month = nov,
  year = {2019}
}

Is This Really You? An Empirical Study on Risk-Based Authentication Applied in the Wild ()
and 34th IFIP TC-11 International Conference on Information Security and Privacy Protection (IFIP SEC 2019). Springer International Publishing.
PDF Slides Website
@inproceedings{article_ifipsec2019_wiefling,
  title = {Is {This} {Really} {You}? {An} {Empirical} {Study} on {Risk}-{Based} {Authentication} {Applied} in the {Wild}},
  booktitle = {34th {IFIP} {TC}-11 {International} {Conference} on {Information} {Security} and {Privacy} {Protection} ({IFIP} {SEC} 2019)},
  series = { {IFIP} {Advances} in {Information} and {Communication} {Technology}},
  author = {Wiefling, Stephan and Lo Iacono, Luigi and D\"{u}rmuth, Markus},
  volume = {562},
  pages = {134--148},
  isbn = {978-3-030-22311-3},
  doi = {10.1007/978-3-030-22312-0_10},
  publisher = {Springer International Publishing},
  location = {Lisbon, Portugal},
  month = jun,
  year = {2019}
}

Warn if Secure or How to Deal with Security by Default in Software Development? ()
and 12th International Symposium on Human Aspects of Information Security and Assurance (HAISA 2018).
PDF
@inproceedings{article_haisa2018_gorski,
  author = {Gorski, {Peter Leo} and {Lo Iacono}, Luigi and Wiefling, Stephan and M{\"o}ller, Sebastian},
  title = {Warn if Secure or How to Deal with Security by Default in Software Development?},
  booktitle = {12th International Symposium on Human Aspects of Information Security and Assurance (HAISA 2018)},
  year = {2018},
  isbn = {978-0-244-40254-9},
  url = {https://www.cscan.org/?page=openaccess&eid=20&id=388}
}

Programmieren trainieren - Mit über 120 Workouts in Java und Python [Exercise programming - With over 120 workouts in Java and Python] ()
and Carl Hanser Verlag GmbH & Co. KG.
PDF [Preview] Website
@book{book_hanser2018_LoIacono,
  title = {Programmieren trainieren - Mit über 120 Workouts in Java und Python},
  author = {Lo Iacono, Luigi and Wiefling, Stephan and Schneider, Michael},
  year = {2018},
  publisher = {Carl Hanser Verlag GmbH & Co. KG},
  url = {http://www.hanser-fachbuch.de/buch/Programmieren+trainieren/9783446454866}
}

Anwendung der Blockchain außerhalb von Geldwährungen [Applying Blockchain outside of Crypto Currencies] ()
and DuD - Datenschutz und Datensicherheit.
PDF PDF [Publisher]
@article{journals_dud41.2_wiefling,
  author = {Wiefling, Stephan and Lo Iacono, Luigi and Sandbrink, Frederik},
  year = {2017},
  pages = {482-486},
  volume = {41},
  number = {8},
  doi = {10.1007/s11623-017-0816-x},
  journal = {DuD - Datenschutz und Datensicherheit},
  url = {https://doi.org/10.1007/s11623-017-0816-x},
}