USE: User Security Behavior (CMU/Berkeley/University of Pittsburgh Collaborative Proposal) - January 2015

Public Audience
Purpose: To highlight progress. Information is generally at a higher level which is accessible to the interested public.

PI(s): A. Acquisti, L.F. Cranor, N. Christin, R. Telang
Researchers: Alain Forget (CMU), Serge Egelman (Berkeley), and Scott Beach (Univ of Pittsburgh)

1) HARD PROBLEM(S) ADDRESSED (with short descriptions)
This refers to Hard Problems, released November 2012.

5. Understanding and Accounting for Human Behavior

The Security Behavior Observatory addresses the hard problem of "Understanding and Accounting for Human Behavior" by collecting data directly from people's own home computers, thereby capturing people's computing behavior "in the wild". This data is the closest to the ground truth of the users' everyday security and privacy challenges that the research community has ever collected. We expect the insights discovered by analyzing this data will profoundly impact multiple research domains, including but not limited to behavioral sciences, computer security & privacy, economics, and human-computer interaction.

2) PUBLICATIONS
Report papers written as a result of this research. If accepted by or submitted to a journal, which journal. If presented at a conference, which conference.

A. Forget, S. Komanduri, A. Acquisti, N. Christin, L.F. Cranor, R. Telang. "Security Behavior Observatory: Infrastructure for Long-term Monitoring of Client Machines." Carnegie Mellon University CyLab Technical Report CMU-CyLab-14-009. https://www.cylab.cmu.edu/research/techreports/2014/tr_cylab14009.html (accessed 2014-09-05)


A. Forget, S. Komanduri, A. Acquisti, N. Christin, L.F. Cranor, R. Telang (2014). Building the Security Behavior Observatory: An Infrastructure for Long-term Monitoring of Client Machines. Invited talk and poster at the IEEE Symposium and Bootcamp on the Science of Security (HotSoS) 2014.


By its very nature - building infrastructure to collect data, then collecting, and eventually analyzing the data - the project has a long set up phase. As a result, it will likely be much more publication-centered toward the second half of its projected duration. However, we are confident that the greater number and quality of sensors we are building, and the more secure, reliable, and robust infrastructure we continue to build will provide more and better data, resulting in more and stronger publications.
However, now that we have launched our data collection pilot study, we hope to compile the lessons learnt about building and launching such a large-scale field study into an early publication. We also hope the pilot will go smoothly enough that we could submit a paper with early results from the short-term data collected.

3) KEY HIGHLIGHTS

1) The successful beta-test pilot study of our data collection architecture, demonstrating the reliability and stability of our infrastructure, has led to the launch of our main study by recruiting participants from the general population. At this time, we have collected data from over 50 participants and recruitment is on-going.

2) With the launch of our main study, we are now collecting live data from numerous data collection sensors tracking client machines' processes, filesystem meta-data (e.g., file path, file size, date created, date modified, permissions), network packet headers, Windows security logs, Windows updates, installed software, web browsing settings and behaviour, and wireless access points.

3) The challenges we have overcome have given us a better understanding of field study deployment, which can contribute to the science of security by publishing solid recommendations (and pitfalls to avoid) when designing, building, and executing similar large-scale data collection projects.