Short CV

Sebastian Pape is a security and privacy manager working at Continental Automotive Technologies GmbH. He is also a Privatdozent at Goethe University Frankfurt and (co-)founder and managing director of the Social Engineering Academy (SEA) GmbH.
Sebastian successfully completed diplomas in mathematics (Dipl.-Math.) and computer science (Dipl.-Inform.) at Darmstadt University of Technology and holds a doctoral degree (Dr. rer. nat.) from the University of Kassel and a venia legendi for computer science from his habilitation at Goethe University Frankfurt. From 2005 to 2011, he worked as research and teaching assistant at the Database Group (lead by Prof. Dr. Lutz Wegner) of the Department of Electrical Engineering and Computer Science of the University of Kassel. From 2011 to 2015, he was a senior researcher and teaching assistant at the Software Engineering for Critical Systems Group (lead by Prof. Dr. Jan Jürjens) of the Department of Computer Science Department of TU Dortmund University. From October 2014 to January 2015, he also was a visiting researcher (of Prof. Dr. Fabio Massacci) at the security group of the Department of Information Engineering and Computer Science of University of Trento. From October 2018 to August 2019 he was standing in as a professor for business informatics at Regensburg University. From 2015 to 2022 Sebastian was working as senior researcher at the Chair of Mobile Business & Multilateral Security at Goethe University Frankfurt and (co-)founder of the Social Engineering Academy. Outlets of his research include the following Journals and Conferences:
SCImago Journal & Country Rank SCImago Journal & Country Rank SCImago Journal & Country Rank SCImago Journal & Country Rank SCImago Journal & Country Rank SCImago Journal & Country Rank SCImago Journal & Country Rank SCImago Journal & Country Rank SCImago Journal & Country Rank SCImago Journal & Country Rank SCImago Journal & Country Rank Lists of publications, given talks, projects been involved in, teaching activities and further scientific activities can be found on dedicated pages.


Research Interests

My current research focus is in the area of security and privacy with a particular interest in a holistic view on the examined systems. In particular, my research interests include, but are not limited to (naturally there will be an overlap between some of the topics):

Usability and Human behavior

It is important to design usable systems since otherwise improved security or privacy features won't be accepted by the users. On the other hand, usability is not the only factor deciding if a user accepts a certain system. I investigate how much certain factors influence the users' acceptance of privacy enhancing technologies and security measures.

Serious Games and Gamification

I aim to enable users to detect and defend social engineering attacks and privacy violations, to regard security considerations and to understand privacy implications. For that purpose, I develop and evaluate Serious Games and gamify processes and systems to improve user engagement and productivity.

Privacy-Enhancing Technologies

I investigate the development of secure and privacy-friendly architectures and practical solutions, such as anonymous e-commerce or the application of privacy patterns within fog and cloud computing environments. In particular, one of the re-occurring challenges is to make use of Privacy-Enhancing Technologies without degrading performance or usability.

Modeling & Measuring Privacy and Security

Security Management

Applied Crytography

I am also interested in applied cryptography for security and privacy purposes and the development of (crytographic) attacker models to get further insights about the chances of attackers to successfully break crytographic systems.

Selected Publications

  1. Harborth, D. and Pape, S.: Investigating Privacy Concerns Related to Mobile Augmented Reality Apps - A Vignette Based Online Experiment.
    In Computers in Human Behavior, 122, 2021.
    PDFDOILinkLinkLinkLink Abstract HP21chbBibtexprivacyarpsychologycs4e

    Citations: 31 (Google Scholar); 11 (Open Citations);
  2. Schmitz, C.; Schmid, M.; Harborth, D. and Pape, S.: Maturity Level Assessments of Information Security Controls: An Empirical Analysis of Practitioners' Assessment Capabilities.
    In Computers & Security, 108, 2021.
    PDFDOILinkLinkLinkLink Abstract SSHP21coseBibtexsecurityhuman factorscs4e

    Citations: 13 (Google Scholar); 2 (Open Citations);
  3. Löbner, S.; Tesfay, W. B.; Nakamura, T. and Pape, S.: Explainable Machine Learning for Default Privacy Setting Prediction.
    In IEEE Access, 9: 63700-63717, 2021.
    PDFDOILinkLinkLinkLink Abstract LTNP21accessBibtexprivacymachine learningcs4e

    Citations: 8 (Google Scholar); 2 (Open Citations);
  4. Pape, S.: Requirements Engineering and Tool-Support for Security and Privacy.
    PDFDOILinkLinkLink Abstract Pape20habilBibtexprivacysecuritypetsserious gamesocial engineeringcloud computingioteconomylawpsychology

    Citations: 1 (Google Scholar);
  5. Harborth, D.; Pape, S. and Rannenberg, K.: Explaining the Technology Use Behavior of Privacy-Enhancing Technologies: The Case of Tor and JonDonym.
    In Proceedings on Privacy Enhancing Technologies (PoPETs), 2020 (2): 111-128, 2020.
    PDFDOILinkLinkLinkLink Dataset Dataset Dataset Dataset Abstract HPR20petsBibtexinformation systemsprivacypetsanoncs4e

    Citations: 31 (Google Scholar); 13 (Open Citations);
  6. Schmitz, C. and Pape, S.: LiSRA: Lightweight Security Risk Assessment for Decision Support in Information Security.
    In Computers & Security, 90, 2020.
    PDFDOILinkLinkLinkLink Abstract SP20coseBibtexsecuritycritical infrastructuressidate

    Citations: 36 (Google Scholar); 14 (Researchgate); 19 (Open Citations);
  7. Harborth, D. and Pape, S.: How Nostalgic Feelings Impact Pokémon Go Players - Integrating Childhood Brand Nostalgia into the Technology Acceptance Theory.
    In Behaviour & Information Technology, 39 (12): 1276-1296, 2019.
    PDFDOILinkLinkLinkLink Abstract HP19bitBibtexinformation systemsarpsychologyanon

    Citations: 35 (Google Scholar); 10 (Researchgate); 9 (Open Citations);
  8. Pape, S. and Rannenberg, K.: Applying Privacy Patterns to the Internet of Things' (IoT) Architecture.
    In Mobile Networks and Applications (MONET) -- The Journal of SPECIAL ISSUES on Mobility of Systems, Users, Data and Computing, 24 (3): 925-933, 2019.
    PDFDOILinkLinkLinkLink Abstract PR19monetBibtexprivacysoftware engineeringpetscloud computingiot

    Citations: 41 (Google Scholar); 31 (Researchgate); 23 (Open Citations);
  9. Harborth, D. and Pape, S.: Exploring the Hype: Investigating Technology Acceptance Factors of Pokémon Go.
    In 2017 IEEE International Symposium on Mixed and Augmented Reality, ISMAR 2017, Nantes, France, October 9-13, 2017, pages 155-168, 2017, Acceptance rate: (17)/99 = 17.2 %.
    PDFDOILinkLinkLinkLink Abstract HP17ismarBibtexinformation systemsarpsychology

    Citations: 39 (Google Scholar); 25 (Researchgate); 9 (Open Citations);
  10. Schaab, P.; Beckers, K. and Pape, S.: Social engineering defence mechanisms and counteracting training strategies.
    In Information and Computer Security, 25 (2): 206-222, 2017.
    PDFDOILinkLinkLinkLink Abstract SBP17icsBibtexsecuritysocial engineeringpsychology

    Citations: 51 (Google Scholar); 25 (Researchgate); 21 (Open Citations);
  11. Beckers, K. and Pape, S.: A Serious Game for Eliciting Social Engineering Security Requirements.
    In Proceedings of the 24th IEEE International Conference on Requirements Engineering, IEEE Computer Society, RE '16 , 2016, Acceptance Rate: 22/79 = 27.8%.
    PDFDOILinkLinkLinkLink Abstract BP16reBibtexsecurityserious gamesocial engineeringhatchsidate

    Citations: 97 (Google Scholar); 49 (Researchgate); 42 (Open Citations);
  12. Pape, S.; Flake, J.; Beckmann, A. and Jürjens, J.: STAGE -- A Software Tool for Automatic Grading of Testing Exercises -- Case Study Paper.
    In Proceedings of the 38th International Conference on Software Engineering, ICSE 2016, Austin, TX, USA, May 14-22, 2016 - Companion Volume, pages 491-500, 2016, Acceptance rate: (22+4)/64 = (34.4 + 6.3) %.
    PDFPresentation slidesDOILinkLinkLinkLink Abstract PFBJ16icseBibtexsoftware engineering

    Citations: 14 (Google Scholar); 7 (Researchgate); 4 (Open Citations);
  13. Pape, S.: Sample or Random Security - A Security Model for Segment-Based Visual Cryptography.
    In Financial Cryptography and Data Security - 18th International Conference, FC 2014, Christ Church, Barbados, March 3-7, 2014, Revised Selected Papers, pages 291-303, 2014, Acceptance rate: 31 / 138 = 22.5%.
    PDFPresentation slidesDOILinkLinkLinkLink Abstract Pape14fcBibtexcrypto

    Citations: 2 (Google Scholar); 2 (Researchgate);
  14. Bleikertz, S.; Mastelic, T.; Pape, S.; Pieters, W. and Dimkov, T.: Defining the Cloud Battlefield -- Supporting Security Assessments by Cloud Customers.
    In Proceedings of IEEE International Conference on Cloud Engineering (IC2E), pages 78-87, 2013, Acceptance rate: 22 / 107 = 20.6%.
    PDFDOILinkLinkLinkLink Abstract BMPPD13ic2eBibtexsecuritycloud computingsecureclouds

    Citations: 19 (Google Scholar); 14 (Researchgate); 9 (Open Citations);