F. Lachner, Minzhe Yuan Chen Cheng, Theodore T. Olsauskas-Warren
{"title":"User Attitudes Towards Controls for Ad Interests Estimated On-device by the Browser","authors":"F. Lachner, Minzhe Yuan Chen Cheng, Theodore T. Olsauskas-Warren","doi":"10.14722/usec.2023.239417","DOIUrl":"https://doi.org/10.14722/usec.2023.239417","url":null,"abstract":"—Online behavioral advertising is a double-edged sword. While relevant display ads are generally considered useful, opaque tracking based on third-party cookies has reached unfettered sprawl and is deemed to be privacy-intrusive. However, existing ways to preserve privacy do not sufficiently balance the needs of both users and the ecosystem. In this work, we evaluate alternative browser controls. We leverage the idea of inferring interests on users’ devices and designed novel browser controls to manage these interests. Through a mixed method approach, we studied how users feel about this approach. First, we conducted pilot interviews with 9 participants to test two design directions. Second, we ran a survey with 2,552 respondents to measure how our final design compares with current cookie settings. Respondents reported a significantly higher level of perceived privacy and feeling of control when introduced to the concept of locally inferred interests with an option for removal.","PeriodicalId":407611,"journal":{"name":"Proceedings 2023 Symposium on Usable Security","volume":"60 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123119831","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Nikolas Pilavakis, Adam D. G. Jenkins, Nadin Kökciyan, Kami Vaniea
{"title":"\"I didn't click\": What users say when reporting phishing","authors":"Nikolas Pilavakis, Adam D. G. Jenkins, Nadin Kökciyan, Kami Vaniea","doi":"10.14722/usec.2023.233129","DOIUrl":"https://doi.org/10.14722/usec.2023.233129","url":null,"abstract":"—When people identify potential malicious phishing emails one option they have is to contact a help desk to report it and receive guidance. While there is a great deal of effort put into helping people identify such emails and to encourage users to report them, there is relatively little understanding of what people say or ask when contacting a help desk about such emails. In this work, we qualitatively analyze a random sample of 270 help desk phishing tickets collected across nine months. We find that when reporting or asking about phishing emails, users often discuss evidence they have observed or gathered, potential impacts they have identified, actions they have or have not taken, and questions they have. Some users also provide clear arguments both about why the email really is phishing and why the organization needs to take action about it.","PeriodicalId":407611,"journal":{"name":"Proceedings 2023 Symposium on Usable Security","volume":"357 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116226329","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Nick Ceccio, Naman Gupta, Majed Almansoori, Rahul Chatterjee
{"title":"Analyzing the Patterns and Behavior of Users When Detecting and Preventing Tech-enabled Stalking","authors":"Nick Ceccio, Naman Gupta, Majed Almansoori, Rahul Chatterjee","doi":"10.14722/usec.2023.238140","DOIUrl":"https://doi.org/10.14722/usec.2023.238140","url":null,"abstract":"—Intimate partner violence (IPV) is a prevalent societal issue that affects many people globally. Unfortunately, abusers rely on technology to spy on their partners. Prior works show that victims and advocates fail to combat and prevent technology-enabled stalking due to their limited technical background. However, not much is known about this issue; why do victims and advocates struggle to combat technology-enabled stalking despite the ease of finding resources online? To answer this question, we aim to conduct a mixed-method study to explore smartphone usage patterns and internet search behavior while detecting and preventing technology-enabled abuse. In this future work, we plan to conduct a mixed-method between-group study to investigate the smartphone usage patterns and internet search behavior of participants helping their friend combat technology-enabled spying. We expect the tech-savvy participants to be more effective and time-efficient in finding and disabling stalking methods than non-tech-savvy participants.","PeriodicalId":407611,"journal":{"name":"Proceedings 2023 Symposium on Usable Security","volume":"28 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121600448","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Investigating User Behavior Towards Fake News on Social Media Using Gaze and Mouse Movements","authors":"Yasmeen Abdrabou, Elisaveta Karypidou, Florian Alt, Mariam Hassib","doi":"10.14722/usec.2023.232041","DOIUrl":"https://doi.org/10.14722/usec.2023.232041","url":null,"abstract":"—We propose an approach to identify users’ exposure to fake news from users’ gaze and mouse movement behavior. Our approach is meant as an enabler for interventions that make users aware of engaging with fake news while not being consciously aware of this. Our work is motivated by the rapid spread of fake news on the web (in particular, social media) and the difficulty and effort required to identify fake content, either technically or by means of a human fact checker. To this end, we set out with conducting a remote online study ( N = 54 ) in which participants were exposed to real and fake social media posts while their mouse and gaze movements were recorded. We identify the most predictive gaze and mouse movement features and show that fake news can be predicted with 68.4% accuracy from users’ gaze and mouse movement behavior. Our work is complemented by discussing the implications of using behavioral features for mitigating the spread of fake news on social media.","PeriodicalId":407611,"journal":{"name":"Proceedings 2023 Symposium on Usable Security","volume":"45 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126650581","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Jacob Abbott, Jayati Dev, DongInn Kim, S. Gopavaram, Meera Iyer, Shivani Sadam, Shrirang Mare, Tatiana R. Ringenberg, Vafa Andalibi, L. Camp
{"title":"Kids, Cats, and Control: Designing Privacy and Security Dashboards for IoT Home Devices","authors":"Jacob Abbott, Jayati Dev, DongInn Kim, S. Gopavaram, Meera Iyer, Shivani Sadam, Shrirang Mare, Tatiana R. Ringenberg, Vafa Andalibi, L. Camp","doi":"10.14722/usec.2023.236290","DOIUrl":"https://doi.org/10.14722/usec.2023.236290","url":null,"abstract":"—In the last decade integration of Internet of Things (IoT) ecosystems has increased exponentially, and it is necessary that our understanding of human behavior when interacting with multiple smart devices in an IoT ecosystem keep pace. To better understand users’ perceptions and use of in-home IoT ecosystem over time, we implemented an ecosystem in homes of participants so that we could both test previous findings about individual devices and identify differences that arise in the content of a home with multiple IoT devices. Specifically, we recruited eight participants from separate households who installed identical IoT configurations, and interviewed each participant for five weeks. We included an Android dashboard to provide device control and data transparency. We detail the semi-structured interviews to compare user perceptions of what devices are classified as IoT, the perceived sustainability of IoT devices, interactions with and desires of dashboard information, and exploration of current notification preferences and mitigation strategies. We discuss the factors which participants identified as being relevant to their personal experiences with IoT devices and contribute recommendations for dashboard designs and control mechanisms for IoT devices. We note that the participants uniformly had a more expansive definition of IoT than that found in much of the previous literature, implying that our understanding of perceptions of in-home IoT may be informed by previous research on security systems, wearables, watches, and phones. 
We identify where our results reify findings of studies","PeriodicalId":407611,"journal":{"name":"Proceedings 2023 Symposium on Usable Security","volume":"83 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126293054","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Muhammad Hassan, Mahnoor Jameel, Masooda N. Bashir
{"title":"An Exploratory Study of Malicious Link Posting on Social Media Applications","authors":"Muhammad Hassan, Mahnoor Jameel, Masooda N. Bashir","doi":"10.14722/usec.2023.234399","DOIUrl":"https://doi.org/10.14722/usec.2023.234399","url":null,"abstract":"Social network platforms are now widely used as a mode of communication globally due to their popularity and their ease of use. Among the various content-sharing capabilities made available via these applications, link-sharing is a common activity among social media users. While this feature provides a desired functionality for the platform users, link sharing enables attackers to exploit vulnerabilities and compromise users’ devices. Attackers can exploit this content-sharing feature by posting malicious/harmful URLs or deceptive posts and messages which are intended to hide a dangerous link. However, it is not clear how the most common social media applications monitor and/or filter when their users share malicious URLs or links through their platforms. To investigate this security vulnerability, we designed an exploratory study to examine the top five android social media applications’ performance when it comes to malicious link sharing. The aim was to determine if the selected applications had any filtering or defenses against malicious URL sharing. Our results show that most of the selected social media applications did not have an effective defense against the posting and spreading of malicious URLs. While our results are exploratory, we believe our study demonstrates the presence of a vital security vulnerability that malicious attackers or unaware users can use to spread harmful links. 
In addition, our findings can be used to improve our understanding of link-based attacks as well as the design of security measures that take usability into account.","PeriodicalId":407611,"journal":{"name":"Proceedings 2023 Symposium on Usable Security","volume":"129 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130385731","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Jens Dalgaard, N.A.M. Janssen, O. Kulyk, C. Schürmann
{"title":"Security Awareness Training through Experiencing the Adversarial Mindset","authors":"Jens Dalgaard, N.A.M. Janssen, O. Kulyk, C. Schürmann","doi":"10.14722/usec.2023.237300","DOIUrl":"https://doi.org/10.14722/usec.2023.237300","url":null,"abstract":"—Cybersecurity concerns are increasingly growing across different sectors globally, yet security education remains a challenge. As such, many of the current proposals suffer from drawbacks, such as failing to engage users or to provide them with actionable guidelines on how to protect their security assets in practice. In this work, we propose an approach for designing security trainings from an adversarial perspective, where the audience learns about the specific methodology of the specific methods, which attackers can use to break into IT systems. We design a platform based on our proposed approach and evaluate it in an empirical study ( N = 34 ), showing promising results in terms of motivating users to follow security policies.","PeriodicalId":407611,"journal":{"name":"Proceedings 2023 Symposium on Usable Security","volume":"18 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124335010","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
S. Mansour, Pascal Knierim, Joseph O'Hagan, Florian Alt, Florian Mathis
{"title":"BANS: Evaluation of Bystander Awareness Notification Systems for Productivity in VR","authors":"S. Mansour, Pascal Knierim, Joseph O'Hagan, Florian Alt, Florian Mathis","doi":"10.14722/usec.2023.234566","DOIUrl":"https://doi.org/10.14722/usec.2023.234566","url":null,"abstract":"—VR Head-Mounted Displays (HMDs) provide unlimited and personalized virtual workspaces and will enable working anytime and anywhere. However, if HMDs are to become ubiquitous, VR users are at risk of being observed, which can threaten their privacy. We examine six Bystander Awareness Notification Systems (BANS) to enhance VR users’ bystander awareness whilst immersed in VR. In a user study (N=28), we explore how future HMDs equipped with BANS might enable users to maintain their privacy while contributing towards enjoyable and productive travels. Results indicate that BANS increase VR users’ bystander awareness without affecting presence and productivity. Users prefer BANS that extract and present the most details of reality to facilitate their bystander awareness. We conclude by synthesizing four recommendations, such as providing VR users with control over BANS and considering how VR users can best transition between realities, to inform the design of privacy-preserving HMDs.","PeriodicalId":407611,"journal":{"name":"Proceedings 2023 Symposium on Usable Security","volume":"174 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"120880953","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"The Walls Have Ears: Gauging Security Awareness in a Home Workspace","authors":"G. Jayakrishnan, Vijayanand Banahatt, S. Lodha","doi":"10.14722/usec.2023.231868","DOIUrl":"https://doi.org/10.14722/usec.2023.231868","url":null,"abstract":"— The pandemic changed the global enterprise working model. Work from home became the norm and so did the associated security risks. The new workspace posed new dangers such as insecure network and lack of organizational supervisions at home. Failing to adhere to strict security practices in the comfort of home could result in the leakage of confidential information. So, employees’ security awareness plays a major role in this new setting. In this paper, we present ‘Secure Workspace’, a serious game set in a simulated home workspace, that we used to gauge the awareness levels of enterprise employees on secure practices. Our game was well received and played by over 36,000 participants. Based on the participants’ performance, we present insights on their awareness, and an advisory to help reduce the number of security violations while working from home.","PeriodicalId":407611,"journal":{"name":"Proceedings 2023 Symposium on Usable Security","volume":"24 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124756183","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Automatic Retrieval of Privacy Factors from IoMT Policies: ML and Custom NER Approach","authors":"Nyteisha Bookert, Mohd M. Anwar","doi":"10.14722/usec.2023.235685","DOIUrl":"https://doi.org/10.14722/usec.2023.235685","url":null,"abstract":"—Patient-generated health data is growing at an unparalleled rate due to advancing technologies (e.g., the Internet of Medical Things, 5G, artificial intelligence) and increased consumer transactions. The influx of data has offered life-altering solutions. Consequently, the growth has created significant privacy challenges. A central theme to mitigating risks is promoting transparency and notifying stakeholders of data practices through privacy policies. However, natural language privacy policies have several limitations, such as being difficult to understand (by the user), lengthy, and having conflicting requirements. Yet they remain the de facto standard to inform users of privacy practices and how organizations follow privacy regulations. We developed an automated process to evaluate the appropriateness of combining machine learning and custom named entity recognition techniques to extract IoMT-relevant privacy factors in the privacy policies of IoMT devices. We employed machine learning and the natural language processing technique of named entity recognition to automatically analyze a corpus of policies and specifications to extract privacy-related information for the IoMT device.
Based on the natural language analysis of policies, we provide fine-grained annotations that can help reduce the manual and tedious process of policy analysis and aid privacy engineers and policy makers in developing suitable privacy policies.","PeriodicalId":407611,"journal":{"name":"Proceedings 2023 Symposium on Usable Security","volume":"349 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132550829","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}