Faculty

Sascha Fahl

Empirical & Behavioral Security

Email

Address

Lange Laube 6
30159 Hannover (Germany)

Further Information

Short Bio

Prof. Dr. Sascha Fahl has been Professor for computer science and head of the chair for usable security and privacy since April 2018. Previously, he was head of the information security institute at Leibniz University in Hannover (2017 - 2018). From 2016 to 2017 he was independent research group leader of the usable security and privacy group at CISPA. He received a PhD in computer science from Leibniz University Hannover in 2016. In 2015 he was software engineer (SWE) intern in the Chrome Security team at Google in Mountain View.

CV: Last stations

Since 2021: Tenured Faculty at CISPA Helmholtz Center for Information Security
Since 2019: Professor at Leibniz University Hannover
2018 – 2019: Associate Professor at Ruhr University Bochum
2017 – 2018: Deputy Professor at Leibniz University Hannover, Germany

Publications by Sascha Fahl

Year 2023

2023-08-09

"Security is not my field, I'm a stats guy": A Qualitative Root Cause Analysis of Barriers to Adversarial Machine Learning Defenses in Industry.

Conference / Medium

Usenix Security Symposium (USENIX-Security)

Tags

Empirical & Behavioral Security

Authors

Jaron Mink
Harjot Kaur
Juliane Schmüser
Sascha Fahl
Yasemin Acar

Full Paper Visit Detail Page

2023-08-09

Pushed by Accident: A Mixed-Methods Study on Strategies of Handling Secret Information in Source Code Repositories.

Conference / Medium

Usenix Security Symposium (USENIX-Security)

Tags

Empirical & Behavioral Security

Authors

Alexander Krause
Jan Klemmer
Nicolas Huaman
Dominik Wermke
Yasemin Acar
Sascha Fahl

Full Paper Visit Detail Page

2023-08-09

"I wouldn't want my unsafe code to run my pacemaker": An Interview Study on the Use, Comprehension, and Perceived Risks of Unsafe Rust.

Conference / Medium

Usenix Security Symposium (USENIX-Security)

Tags

Empirical & Behavioral Security

Authors

Full Paper Visit Detail Page

2023-08-07

Privacy Mental Models of Electronic Health Records: A German Case Study.

Conference / Medium

Symposium on Usable Privacy and Security (SOUPS)

Tags

Empirical & Behavioral Security

Authors

Rebecca Panskus
Max Ninow
Sascha Fahl
Karola Marky

Full Paper Visit Detail Page

2023-05-25

It’s like flossing your teeth: On the Importance and Challenges of Reproducible Builds for Software Supply Chain Security

Conference / Medium

IEEE Symposium on Security and Privacy (S&P)

Tags

Empirical & Behavioral Security

Authors

Marcel Fourné
dominik.wermke
William Enck
Sascha Fahl
Yasemin Acar

Full Paper Visit Detail Page

2023-05-22

"Always Contribute Back": A Qualitative Study on Security Challenges of the Open Source Supply Chain

Conference / Medium

IEEE Symposium on Security and Privacy (S&P)

Tags

Empirical & Behavioral Security

Authors

dominik.wermke
Jan Klemmer
Noah Wöhler
Juliane Schmüser
Yasemin Acar Harshini Sri Ramulu
Sascha Fahl

Full Paper Visit Detail Page

2023-01

Privacy Rarely Considered: Exploring Considerations in the Adoption of Third-Party Services by Websites

Conference / Medium

Privacy Enhancing Technologies Symposium (PETS)

Tags

Empirical & Behavioral Security

Authors

Christine Utz
Sabrina Amft
Martin Degeling
Thorsten Holz
Sascha Fahl
Florian Schaub

Full Paper Visit Detail Page

Year 2022

2022-08-10

Where to Recruit for Security Development Studies: Comparing Six Software Developer Samples

Conference / Medium

Usenix Security Symposium (USENIX-Security)

Tags

Empirical & Behavioral Security

Authors

Harjot Kaur
Sabrina Amft
Daniel Votipka
Yasemin Acar
Sascha Fahl

Full Paper Visit Detail Page

2022-08

If You Can't Get Them to the Lab: Evaluating a Virtual Study Environment with Security Information Workers

Conference / Medium

Symposium on Usable Privacy and Security (SOUPS)

Tags

Empirical & Behavioral Security

Authors

Nicolas Huaman
Alexander Krause
dominik.wermke
Jan Klemmer
Christian Stransky
Yasemin Acar
Sascha Fahl

Full Paper Visit Detail Page

2022-05-26

27 Years and 81 Million Opportunities Later: Investigating the Use of Email Encryption for an Entire University

Conference / Medium

IEEE Symposium on Security and Privacy (S&P)

Tags

Empirical & Behavioral Security

Authors

Christian Stransky
Oliver Wiese
Volker Roth
Yasemin Acar
Sascha Fahl

Full Paper Visit Detail Page