@INPROCEEDINGS{HB17, author={H. Hibshi and T. D. Breaux}, booktitle={2017 IEEE 25th International Requirements Engineering Conference (RE)}, title={Reinforcing Security Requirements with Multifactor Quality Measurement}, year={2017}, pages={144-153}, keywords={formal specification;natural languages;security of data;software quality;statistical analysis;MQM;Multifactor Quality Method;Multifactor Quality measurement;elicited expert preferences;minimal analyst expertise;natural language scenarios;quantitative statistical analysis;requirements analysts;security quality ratings;security requirements elicitation;security requirements reinforcement;weak security constraints;Analytical models;Authentication;Databases;Operating systems;Requirements engineering;Stakeholders;context;qualitative analysis;requirements elicitation;scenarios;security requirements;user study;vignettes}, doi={10.1109/RE.2017.77}, month={Sept},}@INPROCEEDINGS{HBW16, author={H. Hibshi and T. D. Breaux and C. Wagner}, booktitle={2016 IEEE Symposium Series on Computational Intelligence (SSCI)}, title={Improving security requirements adequacy}, year={2016}, pages={1-8}, keywords={Frequency selective surfaces;Fuzzy logic;Fuzzy sets;Pragmatics;Reliability;Security;Uncertainty;fuzzy logic;recommender system;scenarios;security requirements;type-2;uncertainty;user study;vignettes}, doi={10.1109/SSCI.2016.7849906}, month={Dec},}@inproceedings{BBHF16, author = {Bhatia, Jaspreet and Breaux, Travis D. and Friedberg, Liora and Hibshi, Hanan and Smullen, Daniel}, title = {Privacy Risk in Cybersecurity Data Sharing}, booktitle = {Proceedings of the 2016 ACM on Workshop on Information Sharing and Collaborative Security}, series = {WISCS '16}, year = {2016}, isbn = {978-1-4503-4565-1}, location = {Vienna, Austria}, pages = {57--64}, numpages = {8}, url = {http://doi.acm.org/10.1145/2994539.2994541}, doi = {10.1145/2994539.2994541}, acmid = {2994541}, publisher = {ACM}, address = {New York, NY, USA}, keywords = {cybersecurity data sharing, data usage, personal privacy, risk perception}, }@article{HBRW16, author = {Hibshi, Hanan and Breaux, Travis D. and Riaz, Maria and Williams, Laurie}, title = {A grounded analysis of experts{\textquoteright} decision-making during security assessments}, year = {2016}, doi = {10.1093/cybsec/tyw010}, publisher = {The Oxford University Press}, issn = {2057-2085}, URL = {http://cybersecurity.oxfordjournals.org/content/early/2016/10/04/cybsec.tyw010}, eprint = {http://cybersecurity.oxfordjournals.org/content/early/2016/10/04/cybsec.tyw010.full.pdf}, journal = {Journal of Cybersecurity} }@inproceedings{HBB15, author={Hibshi, Hanan and Breaux, Travis D. and Broomell, Stephen B.}, booktitle={2015 IEEE 23rd International Requirements Engineering Conference (RE15)}, title={Assessment of risk perception in security requirements composition}, year={2015}, pages={146-155}, keywords={Analytical models;Atmospheric measurements;Computational modeling;Cryptography;Particle measurements;Standards;factor surveys;requirements elicitation;security requirements;user study;vignettes}, doi={10.1109/RE.2015.7320417} }@inproceedings{BSH15, author={Breaux, Travis D. and Smullen, Daniel and Hibshi, Hanan}, booktitle={2015 IEEE 23rd International Requirements Engineering Conference (RE15)}, title={Detecting repurposing and over-collection in multi-party privacy requirements specifications}, year={2015}, pages={166-175}, keywords={Advertising;Data privacy;Facebook;Limiting;Privacy;Terminology;Data flow analysis;privacy principles;requirements validation}, doi={10.1109/RE.2015.7320419} }@INPROCEEDINGS{HBRW14, author={H. Hibshi and T. Breaux and M. Riaz and L. Williams}, booktitle={2014 IEEE 1st International Workshop on Evolving Security and Privacy Requirements Engineering (ESPRE)}, title={Towards a framework to measure security expertise in requirements analysis}, year={2014}, pages={13-18}, keywords={decision making;formal specification;security of data;source code (software);coding theory;cognitive theory;decision-making patterns;decision-making process;grounded analysis;network diagrams;requirements checklist;security expertise;security experts;security requirements analysis;security vulnerabilities;situation awareness;source code;specifications ambiguity;Decision making;Encoding;Firewalls (computing);Interviews;Software;Uncertainty;Security;decision-making;patterns;requirements analysis;situation awareness}, doi={10.1109/ESPRE.2014.6890522}, month={Aug},}@inproceedings{BHRL12, author = {Breaux, T.D. and Hibshi, H. and Rao, A. and Lehker, J.}, booktitle = {IEEE Second International Workshop on Requirements Patterns (RePa)}, title = {Towards a framework for pattern experimentation: Understanding empirical validity in requirements engineering patterns}, year = {2012}, pages = {41-47}, doi = {10.1109/RePa.2012.6359975} }@inproceedings{HVC11, author = {Hibshi, H. and Vidas, T. and Cranor, L.F.}, booktitle = {Sixth International Conference on IT Security Incident Management and IT Forensics (IMF)}, title = {Usability of Forensics Tools: A User Study}, year = {2011}, pages = {81-91}, doi = {10.1109/IMF.2011.19} }@inproceedings{RHBL14, author = {Rao, Ashwini and Hibshi, Hanan and Breaux, Travis and Lehker, Jean-Michel and Niu, Jianwei}, title = {Less is More?: Investigating the Role of Examples in Security Studies Using Analogical Transfer}, booktitle = {Proceedings of the 2014 Symposium and Bootcamp on the Science of Security}, series = {HotSoS '14}, year = {2014}, isbn = {978-1-4503-2907-1}, location = {Raleigh, North Carolina, USA}, pages = {7:1--7:12}, articleno = {7}, numpages = {12}, url = {http://doi.acm.org/10.1145/2600176.2600182}, doi = {10.1145/2600176.2600182}, acmid = {2600182}, publisher = {ACM}, address = {New York, NY, USA}, keywords = {analogical transfer, human factors, psychology, security} }@article{BHR13, author = {Breaux, TravisD. and Hibshi, Hanan and Rao, Ashwini}, year = {2014}, issn = {0947-3602}, journal = {Requirements Engineering}, title = {Eddy, a formal language for specifying and analyzing data flow specifications for conflicting privacy requirements}, url = {http://dx.doi.org/10.1007/s00766-013-0190-7}, publisher = {Springer London}, keywords = {Privacy; Requirements; Standardization; Description logic; Formal analysis}, pages = {1-27}, language = {English}, doi = {10.1007/s00766-013-0190-7} }This file was generated by bibtex2html 1.97.