Visible to the public Characterizing user behavior and anticipating its effects on computer security with a Security Behavior Observatory - October 2022Conflict Detection Enabled

Submitted by Jamie Presken on Tue, 09/13/2022 - 8:07am

PI(s), Co-PI(s), Researchers:

Lorrie Cranor, Nicolas Christin

Researchers: Sarah Pearman, Jeremy Thomas

HARD PROBLEM(S) ADDRESSED
This refers to Hard Problems, released November 2012.

The Security Behavior Observatory addresses the hard problem of "Understanding and Accounting for Human Behavior" by collecting data directly from people's own home computers, thereby capturing people's computing behavior "in the wild". This data is the closest to the ground truth of the users' everyday security and privacy challenges that the research community has ever collected. We expect the insights discovered by analyzing this data will profoundly impact multiple research domains, including but not limited to behavioral sciences, computer security & privacy, economics, and human-computer interaction.

PUBLICATIONS

N/A this quarter

PUBLIC ACCOMPLISHMENT HIGHLIGHTS

The SBO addresses the hard problem of "Understanding and Accounting for Human Behavior" by collecting data directly from people's own home computers, thereby capturing people's computing behavior "in the wild."

Paper Published: On recruiting and retaining users for security-sensitive longitudinal measurement panels. Akira Yamada, Kyle Crichton, Yukiko Sawaya, Jin-Dong Dong, Sarah Pearman, Ayumu Kubota, and Nicolas Christin. Appeared at SOUPS 2022.

  • Long-term measurement studies, like the SBO, which collect highly-detailed information about user behavior can be quite intrusive to the participant, making recruitment and retention difficult for researchers.
  • Comparing three different longitudinal studies; the SBO, data collected through a browser security toolbar, and a mobile application similar to the SBO; we assess (1) how the incentives offered to participants affects the sample recruited and (2) what factors influence user retention.
  • We find that minimizing interference with the user's device, finding the right balance of communication with participants, following up with inactive users, and providing tangible benefits for participation help retain participants.

COMMUNITY ENGAGEMENTS

EDUCATIONAL ADVANCES (If Applicable)

Groups: