Risk Compensation in Home-User Computer Security Behavior: A Mixed-Methods Exploratory Study
| Title | Risk Compensation in Home-User Computer Security Behavior: A Mixed-Methods Exploratory Study |
| Publication Type | Conference Proceedings |
| Year of Publication | 2016 |
| Authors | Sarah Pearman, Nicholas Munson, Leeyat Slyper, Lujo Bauer, Serge Egelman, Arnab Kumar, Charu Sharma, Jeremy Thomas, Nicolas Christin |
| Conference Name | SOUPS 2016: 12th Symposium on Usable Privacy and Security |
| Date Published | 06/2016 |
| Publisher | 2016 by The USENIX Association |
| Conference Location | Denver, CO |
| ISBN Number | 978-1-931971-31-7 |
| Keywords | CMU, July'16, security; usable security; risk homeostasis theory; risk compensation |
| Abstract | Risk homeostasis theory claims that individuals adjust their behaviors in response to changing variables to keep what they perceive as a constant accepted level of risk [8]. Risk homeostasis theory is used to explain why drivers may drive faster when wearing seatbelts. Here we explore whether risk homeostasis theory applies to end-user security behaviors. We use observed data from over 200 participants in a longitudinal in-situ study as well as survey data from 249 users to attempt to determine how user security behaviors and attitudes are affected by the presence or absence of antivirus software. If risk compensation is occurring, users might be expected to behave more dangerously in some ways when antivirus is present. Some of our preliminary data suggests that risk compensation may be occurring, but additional work with larger samples is needed. |
| Citation Key | node-30244 |
| Attachment | Size |
|---|---|
| bytes |