Learn More
—Web browsers are crucial software components in today's usage of the Internet, but the reliable detection of whether a client is using a specific browser can still be considered a nontrivial problem. Reliable browser identification is crucial for online security and privacy e.g., regarding drive-by downloads and user tracking, and can be used to enhance(More)
Governance, Risk and Compliance (GRC) is an emerging topic in the business and information technology world. However to this day the concept behind the acronym has neither been adequately researched, nor is there a common understanding among professionals. The research at hand provides a frame of reference for research of integrated GRC that was derived(More)
Governance, Risk, and Compliance (GRC) is an emerging topic in the world of business and information technology. However to date there is a lack of research on an integrated approach to GRC has hardly been researched. In this paper we construct an integrated process model for high-level IT GRC management. First, we discuss existing process models for(More)
During the past few years, a vast number of online file storage services have been introduced. While several of these services provide basic functionality such as upload-ing and retrieving files by a specific user, more advanced services offer features such as shared folders, real-time collaboration, minimization of data transfers or unlimited storage(More)
In recent months a new generation of mobile messag-ing and VoIP applications for smartphones was introduced. These services offer free calls and text messages to other subscribers, providing an Internet-based alternative to the traditional communication methods managed by cellular network carriers such as SMS, MMS and voice calls. While user numbers are(More)
Friend-in-the-middle attacks on social networking sites can be used to harvest social data in an automated fashion. Attackers can then exploit this data for large-scale attacks using context-aware spam and social phishing. The authors prove the feasibility of such an attack and simulate the impact on Facebook. Alarmingly, all major social networking sites(More)
—Expecting the shipment of 1 billion Android devices in 2017, cyber criminals have naturally extended their vicious activities towards Google's mobile operating system. With an estimated number of 700 new Android applications released every day, keeping control over malware is an increasingly challenging task. In recent years, a vast number of static and(More)
Session hijacking has become a major problem in today's Web services, especially with the availability of free off-the-shelf tools. As major websites like Facebook, You tube and Yahoo still do not use HTTPS for all users by default, new methods are needed to protect the users' sessions if session tokens are transmitted in the clear. In this paper we propose(More)
Governance, Risk and Compliance (GRC) is an emerging topic in the business and information technology world. However to this day the concept behind the acronym has neither been adequately researched, nor is there a common understanding among professionals. The research at hand provides a frame of reference for research of integrated GRC that was derived(More)