, Guest Editors' Introduction: Why Attacking Systems Is a Good Idea, IEEE Security and Privacy Magazine, vol.2, issue.4, pp.17-19, 2004.
DOI : 10.1109/MSP.2004.46
, Busting the ghost in the machine, Communications of the ACM, vol.48, issue.8, pp.92-95, 2005.
, Why computer scientists should attend hacker conferences, Communications of the ACM, vol.48, issue.3, pp.23-24, 2005.
DOI : 10.1145/1047671.1047694
, Hacking and innovation (Guest Editors' introduction), Communications of the ACM, vol.49, issue.6, pp.33-36, 2006.
, Improving the security of your site by breaking into it. Usenet Posting to comp.security.unix, 3, 1993.
, Hack This Site
, International Capture The Flag
, A quantitative model of the security intrusion process based on attacker behavior, Transactions on Software Engineering, pp.235-245, 1997.
DOI : 10.1109/32.588541
, Wie lehrt man IT-Sicherheit am Besten ? ¨ Ubersicht, Klassifikation und Basismodule. Master's thesis, RWTH Aachen, 2007.
, Vergleich von Lehransätzen für die Ausbildung in IT-Sicherheit, 2009.
, Is Attack Better Than Defense? Teaching Information Security the Right Way, Proceedings of the Conference on Information Security Curriculum Development (InfoSecCD), pp.44-48, 2006.
, Two approaches to an information security laboratory, Communications of the ACM, vol.51, issue.12, pp.138-142, 2008.
DOI : 10.1145/1409360.1409386
, Angewandte Informationssicherheit, Informatik-Spektrum, vol.23, issue.3, 2000.
DOI : 10.1007/s002870000099
, Experimental and Quasi-Experimental Designs for Generalized Causal Inference, Cengage Learning, 2001.
, Red team/blue team, capture the flag, and treasure hunt: Teaching network security through live exercises, World Conference on Information Security Education, pp.3-18, 2003.
, Security across the curriculum: Using computer security to teach computer science principles, Proceedings of the 19th International Information Systems Security Conference, pp.519-525, 1998.