USE: User Security Behavior (CMU/Berkeley/University of Pittsburgh Collaborative Proposal) - January 2017

Public Audience
Purpose: To highlight progress. Information is generally at a higher level which is accessible to the interested public.

PI(s): A. Acquisti, L.F. Cranor, N. Christin, R. Telang
Researchers: Alain Forget (CMU), Serge Egelman (Berkeley), and Scott Beach (Univ of Pittsburgh)

1) HARD PROBLEM(S) ADDRESSED (with short descriptions)
This refers to Hard Problems, released November 2012.

The Security Behavior Observatory addresses the hard problem of "Understanding and Accounting for Human Behavior" by collecting data directly from people's own home computers, thereby capturing people's computing behavior "in the wild". This data is the closest to the ground truth of the users' everyday security and privacy challenges that the research community has ever collected. We expect the insights discovered by analyzing this data will profoundly impact multiple research domains, including but not limited to behavioral sciences, computer security & privacy, economics, and human-computer interaction.

2) PUBLICATIONS

N/A

3) KEY HIGHLIGHTS

We completed development on the next version of our client software and deployed it to new and existing participants. This version of the client software primarily focuses on improving the capabilities of our sensors to monitor online behavior through web browser extensions. This update allows our researchers to gather detailed information related to participants' online behavior with a specific focus on password metrics. We plan to use the data collected with this update to replicate and build upon the methodology of a paper presented at SOUPS 2016 (Wash et al., 2016, "Understanding Password Choices: How Frequently Entered Passwords Are Re-used across Websites").

4) COMMUNITY ENGAGEMENTS - if applicable

N/A

5) EDUCATIONAL ADVANCES - if applicable

N/A