Usability

group_project

Visible to the public EAGER: Unattended/Automated Studies of Effects of Auditory Distractions on Users Performing Security-Critical Tasks

Submitted by alfredkobsa on Mon, 10/16/2017 - 1:47pm

User errors or delays while performing security-critical tasks can lead to undesirable or even disastrous consequences. The impact of both accidental and intentional distractions on users in such situations has received little investigation. In particular, it is unclear whether and how sensory stimuli (e.g., sound or light) influence users' behavior and trigger mistakes. Better understanding of the effects of such distractions can lead to increased user awareness and countermeasures.

group_project

Visible to the public EAGER: Creating a TTP Ecosystem Discovery and Support Resource for Cybersecurity Technology Transfer to Practice

Submitted by Yasinsac on Mon, 10/16/2017 - 12:10pm

The 2011 Federal Cybersecurity Research and Development Plan cites "Accelerating Transition to Practice (TTP)" as one of five strategic objectives in the Cyber Security and Information Assurance (CSIA) Program Component Area. TTP remains a strategic objective of Agencies which fund cybersecurity research, including NSF. However, the NSF cybersecurity portfolio contains only a small amount of security research that has been transitioned into operational activities.

group_project

Visible to the public SBE: Medium: User-Centric Design of a Sonification System for Automatically Alarming Security Threats and Impact

Submitted by asiamina on Mon, 10/16/2017 - 11:46am

The Internet has become an integral part of everyday life. The great benefits of the Internet also come with potential risks, security issues, and privacy concerns. Internet security products are usually employed to inform users about security incidents.

group_project

Visible to the public EDU: QuaSim: A Virtual Interactive Quantum Cryptography Educator-A Project-based Gamified Educational Paradigm

Submitted by Abhishek Parakh on Thu, 10/12/2017 - 5:58pm

Video-based traffic monitoring systems have been widely used for traffic management, incident detection, intersection control, and public safety operations. Current designs pose critical challenges. First, it relies heavily on human operators to monitor and analyze video images. Second, commercially available computer vision technologies cannot satisfactorily handle severe conditions, such as weather and glare, which significantly impair video image quality.

group_project

Visible to the public TWC: Small: Unsupervised and Statistical Natural Language Processing Techniques for Automatic Phishing and Opinion Spam Detection

Submitted by Rakesh Verma on Thu, 10/12/2017 - 1:49pm

In phishing, an attacker tries to steal sensitive information, e.g., bank/credit card account numbers, login information, etc., from Internet users. The US society and economy are increasingly dependent on the Internet and the web, which is plagued by phishing. One popular phishing method is to create a site that mimics a good site and then attract users to it via email, which is by far the most popular medium to entice unsuspecting users to the phishing site.

group_project

Visible to the public SaTC-BSF: TWC: Small: Using Individual Differences to Personalize Security Mitigations

Submitted by Serge Egelman on Wed, 10/11/2017 - 4:07pm

Over the past decade, people have realized that failure to account for human factors has resulted in many software security problems. Yet, when software does feature user-centric design, it takes into account average user behavior rather than catering to the individual. Thus, systems designers have gone from designing for security experts to now appealing to the least common denominator.

group_project

Visible to the public TTP: Medium: A Campus Pilot For A Privacy-Enabled Cloud Storage, Search, and Collaboration Portal for Education

Submitted by Radu Sion on Wed, 10/11/2017 - 2:23pm

As higher education institutions consider moving services to the cloud to save costs and improve collaboration, significant challenges to successful large-scale adoption still exist. Institutions are unwilling to risk cloud deployment because provable technological defenses have thus far been lacking. Control over sensitive data is relinquished without the institution's knowledge, liability is shifted and data breach risks are significantly increased. Further, regulatory-sensitive data has become an increasingly attractive target.

group_project

Visible to the public SBE: Small: Protecting Privacy in Cyberspace: From Neuroscience Investigations to Behavioral Interventions

Submitted by Paul Pavlou on Wed, 10/11/2017 - 1:44pm

A key characteristic of cyberspace is the collection of large amounts of data, and people's privacy becomes vulnerable given the hyper-connectivity of cyberspace and the ease of accessing data. This project aims to enhance the safety and trustworthiness of cyberspace by designing choice architecture interventions informed by the neural processes underlying privacy to help people make better decisions about their privacy in cyberspace.

group_project

Visible to the public SBE: Medium: Towards Personalized Privacy Assistants

Submitted by Norman Sadeh on Wed, 10/11/2017 - 11:14am

Whether it is on their smartphones, in their browsers or on social networks, people are confronted with an increasingly unmanageable number of privacy settings. What is needed is a new, more scalable paradigm that empowers them to regain control over the collection and use of their data. This is particularly the case for mobile apps people download on their smartphones. These apps have been shown to collect and share a wide variety of sensitive data, with users unable to keep up.

group_project

Visible to the public GREPSEC III: Underrepresented Groups in Security Research

Submitted by tbenzel on Wed, 10/11/2017 - 2:16am

This proposal provides funding for the third GREPSEC: Underrepresented Groups in Security Research workshop, which will held in May 2017, in San Jose CA. This day-and-a-half-long workshop intended for women and underrepresented minorities in computer security and privacy, will be co-located with the IEEE Computer Society's Security and Privacy Symposium, the premier conference in security.