Visible to the public Biblio

Filters: Author is Forget, Alain  [Clear All Filters]
2015-01-13
Forget, Alain, Komanduri, Saranga, Acquisti, Alessandro, Christin, Nicolas, Cranor, Lorrie, Telang, Rahul.  2014.  Building the Security Behavior Observatory: An Infrastructure for Long-term Monitoring of Client Machines. IEEE Symposium and Bootcamp on the Science of Security (HotSoS) 2014.

We present an architecture for the Security Behavior Observatory
(SBO), a client-server infrastructure designed to
collect a wide array of data on user and computer behavior
from hundreds of participants over several years. The SBO
infrastructure had to be carefully designed to fulfill several
requirements. First, the SBO must scale with the desired
length, breadth, and depth of data collection. Second, we
must take extraordinary care to ensure the security of the
collected data, which will inevitably include intimate participant
behavioral data. Third, the SBO must serve our
research interests, which will inevitably change as collected
data is analyzed and interpreted. This short paper summarizes
some of our design and implementation benefits and
discusses a few hurdles and trade-offs to consider when designing
such a data collection system.

Forget, Alain, Komanduri, Saranga, Acquisti, Alessandro, Christin, Nicolas, Cranor, Lorrie, Teland, Rahul.  2014.  Security Behavior Observatory: Infrastructure for Long-term Monitoring of Client Machines.

Much of the data researchers usually collect about users’ privacy and security behavior comes from short-term studies and focuses on specific, narrow activities. We present a design architecture for the Security Behavior Observatory (SBO), a client-server infrastructure designed to collect a wide array of data on user and computer behavior from a panel of hundreds of participants over several years. The SBO infrastructure had to be carefully designed to fulfill several requirements. First, the SBO must scale with the desired length, breadth, and depth of data collection. Second, we must take extraordinary care to ensure the security and privacy of the collected data, which will inevitably include intimate details about our participants' behavior. Third, the SBO must serve our research interests, which will inevitably change over the course of the study, as collected data is analyzed, interpreted, and suggest further lines of inquiry. We describe in detail the SBO infrastructure, its secure data collection methods, the benefits of our design and implementation, as well as the hurdles and tradeoffs to consider when designing such a data collection system. - See more at: https://www.cylab.cmu.edu/research/techreports/2014/tr_cylab14009.html#sthash.vsO39UdR.dpuf