About
73
Publications
62,789
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
1,944
Citations
Introduction
I am a human factors in cyber security and privacy researcher. I am interested in all aspects of how people interact with security and privacy technologies.
Additional affiliations
August 2014 - July 2015
August 2012 - July 2014
Publications
Publications (73)
Installing security-relevant software updates is one of the best computer protection mechanisms. However, users do not always choose to install updates. Through interviewing non-expert Windows users, we found that users frequently decide not to install future updates, regardless of whether they are important for security, after negative experiences...
Updates alter the way software functions by fixing bugs, changing features, and modifying the user interface. Sometimes changes are welcome, even anticipated, and sometimes they are unwanted leading to users avoiding potentially unwanted updates. If users delay or do not install updates it can have serious security implications for their computer....
Common anti-phishing advice tells users to mouse over links, look at the URL, and compare to the expected destination, implicitly assuming that they are able to read the URL. To test this assumption, we conducted a survey with 1929 participants recruited from the Amazon Mechanical Turk and Prolific Academic platforms. Participants were shown 23 URL...
We analyse Stack Overflow (SO) to understand challenges and confusions developers face while dealing with privacy-related topics. We apply topic modelling techniques to 1,733 privacy-related questions to identify topics and then qualitatively analyse a random sample of 315 privacy-related questions. Identified topics include privacy policies, priva...
Phishing is one of the most prevalent and expensive types of cybercrime faced by organizations and individuals worldwide. Most prior research has focused on various technical features and traditional representations of text to characterize phishing emails. There is a significant knowledge gap about the qualitative traits embedded in them, which cou...
System administrators, similar to end users, may delay or avoid software patches, also known as updates, despite the impact their timely application can have on system security. These admins are responsible for large, complex, amalgamated systems and must balance the security related needs of their organizations, which would benefit from the patch,...
In theory, consent dialogs allow users to express privacy preferences regarding how a website and its partners process users' personal data. In reality, dialogs often employ subtle design techniques known as dark patterns that nudge users towards accepting more cookies than the user would otherwise accept. We build a system, DarkDialogs, that can a...
In theory, consent dialogs allow users to express privacy preferences regarding how a website and its partners process the user's personal data. In reality, dialogs often employ subtle design techniques known as dark patterns that nudge users towards accepting more data processing than the user would otherwise accept. Dark patterns undermine user a...
Twitter accounts are public by default, but Twitter gives the option to create protected accounts, where only approved followers can see their tweets. The publicly visible information changes based on the account type and the visibility of tweets also depends solely on the poster's account type which can cause unintended disclosures especially when...
To make privacy a first-class citizen in software, we argue for equipping developers with usable and responsibly-designed tools, as well as providing support from organizations, educators, and regulators. We discuss the challenges with the successful integration of privacy features and propose solutions for stakeholders to help developers perform p...
Attackers attempt to create successful phishing campaigns by sending out trustworthy-looking emails with a range of variations, such as adding the recipient name in the subject line or changing URLs in email body. These tactics are used to bypass filters and make it difficult for the information system teams to block all emails even when they are a...
Twitter accounts are public by default, but Twitter gives the option to create protected accounts, where only approved followers can see their tweets. The publicly visible information changes based on the account type and the visibility of tweets also depends solely on the poster's account type which can cause unintended disclosures especially when...
To make privacy a first-class citizen in software, we argue for equipping developers with usable tools, as well as providing support from organizations, educators, and regulators. We discuss the challenges with the successful integration of privacy features and propose solutions for stakeholders to help developers perform privacy-related tasks.
Privacy tasks can be challenging for developers, resulting in privacy frameworks and guidelines from the research community which are designed to assist developers in considering privacy features and applying privacy enhancing technologies in early stages of
software development. However, how developers engage
with privacy design strategies is not...
Date of birth (DOB) has historically been considered as private information and safe to use for authentication, but recent years have seen a shift towards wide public sharing. In this work we characterize how modern social media users are approaching the sharing of birthday wishes publicly online. Over 45 days, we collected over 2.8M tweets wishing...
Reliably recruiting participants who have programming skills is an ongoing challenge for empirical studies involving software development technologies, often leading to the use of crowdsourcing platforms and computer science (CS) students. In this work, we use five existing survey instruments to explore the programming skills, privacy and security...
Privacy tasks can be challenging for developers, resulting in privacy frameworks and guidelines from the research community which are designed to assist developers in considering privacy features and applying privacy enhancing technologies in early stages of software development. However, how developers engage with privacy design strategies is not...
Changing a Twitter account's privacy setting between public and protected changes the visibility of past tweets. By inspecting the privacy setting of over 100K Twitter users over 3 months, we noticed that over 40% of those users change their privacy setting at least once with around 16% changing it over 5 times. This motivated us to explore the rea...
Date of birth (DOB) has historically been considered as private information and safe to use for authentication, but recent years have seen a shift towards wide public sharing. In this work we characterize how modern social media users are approaching the sharing of birthday wishes publicly online. Over 45 days, we collected over 2.8M tweets wishing...
Malicious communications aimed at tricking employees are a serious threat for organizations, necessitating the creation of procedures and policies for quickly respond to ongoing attacks. While automated measures provide some protection, they cannot completely protect an organization. In this case study, we use interviews and observations to explore...
Iterative design, implementation, and evaluation of prototype systems is a common approach in Human-Computer Interaction (HCI) and Usable Privacy and Security (USEC); however, research involving physical prototypes can be particularly challenging. We report on twelve interviews with established and nascent USEC researchers who prototype security an...
The security attitudes and approaches of software developers have a large impact on the software they produce, yet we know very little about how and when these views are constructed. This paper investigates the security and privacy (S&P) perceptions, experiences, and practices of current Computer Science students at the graduate and undergraduate l...
Evaluating novel authentication systems is often costly and timeconsuming. In this work, we assess the suitability of using Virtual Reality (VR) to evaluate the usability and security of real-world authentication systems. To this end, we conducted a replication study and built a virtual replica of CueAuth [52], a recently introduced authentication...
Intelligent personal assistants (IPA), such as Amazon Alexa and Google Assistant, are becoming increasingly present in multi-user households leading to questions about privacy and consent, particularly for those who do not directly own the device they interact with. When these devices are placed in shared spaces, every visitor and cohabitant become...
The security attitudes and approaches of software developers have a large impact on the software they produce, yet we know very little about how and when these views are constructed. This paper investigates the security and privacy (S&P) perceptions, experiences, and practices of current Computer Science students at the graduate and undergraduate l...
Advertising networks enable developers to create revenue, but using them potentially impacts user privacy and requires developers to make legal decisions. To understand what privacy information ad networks give developers, we did a walkthrough of four popular ad network guidance pages with a senior Android developer by looking at the privacy-relate...
Software development teams are responsible for making and implementing software design decisions that directly impact end-user privacy, a challenging task to do well. Privacy Champions—people who strongly care about advocating privacy—play a useful role in supporting privacy-respecting development cultures. To understand their motivations, challeng...
Static analysis tools (SATs) have the potential to assist developers in finding and fixing vulnerabilities in the early stages of software development requiring them to be able to understand and act on tools’ notifications. To understand how helpful such SAT guidance is to developers, we ran an online experiment (N=132) where participants were show...
There is a growing need for usable and secure authentication in immersive virtual reality (VR). Established concepts (e.g., 2D authentication schemes) are vulnerable to observation attacks, and most alternatives are relatively slow. We present RubikAuth, an authentication scheme for VR where users authenticate quickly and secure by selecting digits...
Applying regular patches is vital for the timely correction of security vulnerabilities, but installing patches also risks disrupting working systems by potentially introducing unknown errors. System administrators must manage the challenges of patching using a combination of reliance on best practice and available information to best match their o...
There is a growing need for usable and secure authentica-tion in virtual reality (VR). Established concepts (e.g., 2D graphical PINs) are vulnerable to observation attacks, and proposed alternatives are relatively slow. We present Ru-bikAuth, a novel authentication scheme for VR where users authenticate quickly by selecting digits from a virtual 3D...
The security attitudes and approaches of software developers have a large impact on the software they produce, yet we know very little about how and when these views are constructed. This paper investigates the security and privacy (S&P) perceptions, experiences, and practices of current Computer Science students at the graduate and undergraduate l...
When detecting phishing websites, both humans and computers rely on aspects of the website (features) to aid in their decision making. In this work, we conduct a review of URL-based phishing features that appear in publications targeting human-facing and automated anti-phishing approaches. We focus on both humans and computers to obtain a more comp...
Frequent exposure to disturbing content on social media such as posts, sharing, accident news, or even photos of puppies could adversely impact users' online experience or well-being. Several protection mechanisms exist to provide users with control over content feeding into their personal spaces; such as sensitive and "show less often" markers. Be...
Online safety regularly depends on users' ability to know either where a URL is likely to lead or identify when they are on a site other than they expect. Unfortunately, the combination of low URL reading ability in the general population and the use of hard-to-detect approaches like look-alike letters makes the reading of URLs quite challenging fo...
Topics in Computer Security, such as firewalls, can seem inaccessible or very difficult to beginners. That perceived inaccessibility is a serious problem at a time when countries like the United Kingdom are facing a shortage of skilled computer security professionals and consequently need more students to consider careers in the area. This project...
Based upon a study of how to capture data from Internet of Things (IoT) devices, this paper explores the challenges for data centric design ethnography. Often purchased to perform specific tasks, IoT devices exist in a complex ecosystem. This paper describes a study that used a variety of methods to capture the interactions an IoT device engaged in...
Major online messaging services such as Facebook Messenger and WhatsApp are starting to provide users with real-time information about when people read their messages, while useful, the feature has the potential to negatively impact privacy as well as cause concern over access to self. We report on two surveys using Mechanical Turk which looked at...
Social networking sites are starting to provide users with services that expose information about their audiences' composition and behavior, such as LinkedIn's 'Who's viewed my profile' feature. Providing information about content viewers to content publishers, however, raises new privacy concerns for viewers themselves, possibly creating a chillin...
Guest editors M. Angela Sasse and Matthew Smith discuss the origins of the security-usability tradeoff myth with leading academic experts Heather Lipford and Kami Vaniea and industry expert Cormac Herley.
Managing privacy in mobile instant messaging is a challenge for designers and users alike. If too many options are provided, the privacy controls can become complex to understand and unwieldy to manipulate. Conversely, providing too few controls leaves users without the ability to adequately express their privacy preferences. Further complicating t...
Mobile Instant Messaging (MIM) applications (apps) such as WhatsApp Messenger enable easy communication and open new issues of information control and privacy management. We investigate WhatsApp to understand how Arab people manage their privacy on MIM apps. We find that WhatsApp's design decisions around adding contacts result in privacy issues of...
Research on online behavioral advertising has focused on users' attitudes towards sharing and what information they are willing to share. An unexplored area in this domain is how users' knowledge of how to protect their information differs from their self-efficacy about executing privacy protection behavior. The results of a 179-participant online...
A collaboration system is described for sharing files. The collaboration system operates by receiving an Email message from a sender, the Email message specifying an attachment item (such as a file) and one or more recipients. The Email message also specifies a sender code assigned to the sender for the particular attachment item. The collaboration...
When security updates are not installed, or installed slowly, end users are at an increased risk for harm. To improve security, soft-ware designers have endeavored to remove the user from the soft-ware update loop. However, user involvement in software updates remains necessary; not all updates are wanted, and required reboots can negatively impact...
Despite the large amount of computer security information available to them, end users are often thought of as the weakest link in computer security. The information they have access to comes in many formats: news articles, news broadcasts, education documents, books, stories, and many more. However, inefficient or inconsistent communication betwee...
We take a detailed look at how users, while focusing on non-permission tasks, notice and fix access-control permission errors depending on where the access-control policy is spatially located on a photo-sharing website. The access-control policy was placed on an online photo-sharing website under the photo or album, on the sidebar, or on a separate...
In a series of studies, we investigated a user interface intended to help users stay aware of their access-control policy even when they are engaged in another activity as their primary task. Methodological issues arose in each study, which impacted the results. We describe the difficulties encountered during each study, and changes to the methodol...
In access-control systems, policy rules conflict when they prescribe different decisions (allow or deny) for the same access. We present the results of a user study that demonstrates the significant impact of conflict-resolution method on policy-authoring usability. In our study of 54 participants, varying the conflict-resolution method yielded sta...
As digital content becomes more prevalent in the home, non-technical users are increasingly interested in sharing that content with others and accessing it from multiple devices. Not much is known about how these users think about controlling access to this data. To better understand this, we conducted semi-structured, in-situ interviews with 33 us...
In this work we ask the question: what are the challenges of managing a physical or file system access-control pol- icy for a large organization? To answer the question, we conducted a series of interviews with thirteen administrators who manage access-control policy for either a file system or a physical space. Based on these interviews we identi-...
The goal of the research study reported here was to investigate policy authors' ability to take descriptions of changes to policy situations and author high-quality, complete policy rules that would parse with high accuracy. As a part of this research, we investigated ways in which we could assist policy authors in writing policies. This paper pres...
Significant effort has been invested in developing expressive and flexible access-control languages and systems. How- ever, little has been done to evaluate these systems in prac- tical situations with real users, and few attempts have been made to discover and analyze the access-control policies that users actually want to implement. We report on...
ABSTRACT Grey is a smartphone-based,system by which a user can exercise her authority to gain access to rooms in our university building, and by which she can delegate that authority to other users. We present findings from a trial of Grey, with emphasis on how common usability principles manifest themselves in a smartphone-based security applicati...
We describe our current work in developing novel mechanisms for managing security and privacy in pervasive computing environments. More specifically, we have developed and evaluated three different applications, including a contextual instant messenger, a people finder application, and a phone-based application for access control. We also draw out...
Significant effort has been invested in developing expressive and flexible access-control languages and systems. However, little work has been done to evaluate these theoretically interesting systems in practical situations with real users, and few attempts have been made to discover and analyze the access-control policies that users actually want...
Managing large sets of access-control rules is a complex task for security administrators. Each addition, deletion or mod-ification of a rule causes many potential and unknown side effects ranging from rule conflicts to security breaches. Secu-rity researchers have attempted to alleviate this problem by proposing algorithms and tools which analyze...
Questions
Question (1)
I am teaching a course in Human Computer Interaction and an looking for some good online tools that will let students mock up an interactive user interface and share it with other students.