USP論文読破会
ユーザブルセキュリティ・プライバシ(USP)論文読破会
ユーザブルセキュリティ・プライバシに関するトップ論文を読んで得られた知見を発表・共有する会。
開催:年1~2回
場所:オンサイトもしくはハイブリッド
各読破会のプログラム情報(折り畳みページ)
USP論文読破会7
ユーザブルセキュリティ・プライバシー(USP)論文読破会7
更新日:2023年11月23日
プログラムを一部更新
ユーザブルセキュリティ・プライバシー研究とは、セキュリティとプライバシーのユーザビリティに特化した研究領域であり、主にヒューマンファクタに焦点を当ててセキュリティ・プライバシーを議論します。 ユーザブルセキュリティ・プライバシーの研究は世界的な発展を見せており、本分野を専門的に扱う国際会議 Symposium on Usable Privacy and Security (SOUPS) への投稿数と採録数も増加が続いています。 加えて、SOUPSに限らずセキュリティ・プライバシーの難関国際会議で本分野の論文が多く発表されるようになり、本分野の裾野は確実に広がっています。 ユーザブルセキュリティ・プライバシー論文読破会は、このような発展を考慮し、当初開催されていたSOUPS論文読破会をもとに、SOUPS以外の国際会議も広く対象会議とすることで発展させたイベントです。 本読破会では、参加者同士で協力して本分野の最先端の論文を紹介し合い、参加者が最先端研究を広く把握することを目指します。 また最先端研究の把握を通して、SPT研究会が対象とする分野の国内研究の底上げを図ります。
第7回目となる今回は、2018年11月に開催されたUSP読破会、2019年5月に開催されたUSP読破会2、2019年11月に開催されたUSP読破会3、2020年11月に開催されたUSP読破会4、2021年7月に開催されたUSP読破会5、2022年11月に開催されたUSP読破会6に続く開催です。
開催要項
日時: 2023年11月24日(金) 10:00~18:00(予定)
開催形式: ハイブリット開催
現地会場: NICTイノベーションセンター(東京都中央区日本橋2-7-1 東京日本橋タワー 15階) (予定)[交通のご案内(PDF)]
オンライン: Zoom
会場の収容人数に限りがございます。現地参加を希望の方は、早めの申込をお願いします。なお、発表者や学生参加者の現地参加を優先させていただく可能性があり、必ずしも先着順とはならないこと予めご了承願います。現地参加の可否については申込受付後に開催担当より個別にご連絡します。
参加費: 無料
発表者募集(締め切りました)
本読破会で論文を紹介していただける方を募集します。 1論文につき15 or 20分程度(質疑込み、発表時間は発表者人数をみて後日連絡させていただきます)でご紹介ください。 紹介のスライドを事前にお送りいただき、当日の参加者と共有します。
発表申込は、定員に達し次第締め切ります。
紹介いただく論文は、前回の読破会発表申込以降(2022年09月〜2023年11月)に発表された、ユーザブルセキュリティ・プライバシーに関わると考えられる論文からお好きにお選びください。
参考までに、ユーザブルセキュリティ・プライバシー論文が発表されている代表的な国際会議を、本ウェブページの下部にリストアップしました。 ただし、それらの国際会議に限定せず、ヒューマンファクタとセキュリティ・プライバシーを扱った論文を広く受け付けます。
発表希望の方は以下のフォームより申込をお願いします。
USP論文読破会7 発表申込フォーム(Googleフォーム)
ご入力いただく内容:
氏名
所属(会社名・学校名等)
メールアドレス
発表を希望する論文
希望の発表方法(現地 or オンライン)※円滑な進行のため可能であれば現地参加頂けると幸いです
フォームによる発表申込受付後、紹介いただく論文の確定の連絡を開催担当より差し上げます。
参加者募集(締め切りました)
参加希望の方は以下のフォームより申込をお願いします。発表申込者の参加申込は不要です。
USP論文読破会7 参加申込フォーム(Googleフォーム)
ご入力いただく内容:
氏名
所属(会社名・学校名等)
メールアドレス
希望の参加方法(現地 or オンライン)
お知らせ
研究会非会員の方は、この機会にSPT研究会会員登録をお薦めします。 情報処理学会の学会員の方の登録費は3,600円(税抜)です。
情報処理学会に入会するためには、別途入会金と年会費が必要です。 非会員の方でも研究会登録することができます。 その場合の研究会登録費は4,600円(税抜)です。
研究会の登録の詳細については「研究会に登録する(情報処理学会)」をご参照ください。
懇親会
読破会終了後に懇親会を行います。
場所
時間
18:30-
会費
6,000円 (予定)
SPT研究会から懇親会費の領収書は発行されません。どうしても領収書が必要な方は会場店舗からの発行となります。
参考:ユーザブルセキュリティ・プライバシー論文が発表される代表的な国際会議
ユーザブルセキュリティ・プライバシーに特化した国際会議
SOUPS(SOUPS'23)
EuroUSEC(EuroUSEC'22, EuroUSEC'23)
USEC(USEC'23)
セキュリティ・プライバシー全般を取り扱う国際会議
S&P(S&P'23)
USENIX Security(USENIX Security'23)
NDSS(NDSS'23)
PETS(PETS'23)
ACSAC(ACSAC'22)
AsiaCCS(AsiaCCS'23)
EuroS&P( EuroS&P'23)
ESORICS(ESORICS'23)
HCI分野の国際会議(セキュリティ・プライバシーに関するセッション有)
注意:本ページ公開時点(2023年8月)で、プログラム等が未公開の会議も含みます
運営
お問い合わせ先: uspread 【アットマーク】spt.ipsj.or.jp
開催担当:山岸 伶(日立)
運営メンバ:
長谷川 彩子(NICT)
金森 祥子(NICT)
畑島 隆(NTT)
坂本 一仁(DataSign)
USP論文読破会6
ユーザブルセキュリティ・プライバシー(USP)論文読破会6
更新日:2022年11月15日
ユーザブルセキュリティ・プライバシー研究とは、セキュリティとプライバシーのユーザビリティに特化した研究領域であり、主にヒューマンファクタに焦点を当ててセキュリティ・プライバシーを議論します。 ユーザブルセキュリティ・プライバシーの研究は世界的な発展を見せており、本分野を専門的に扱う国際会議 Symposium on Usable Privacy and Security (SOUPS) への投稿数と採録数も増加が続いています。 加えて、SOUPSに限らずセキュリティ・プライバシーの難関国際会議で本分野の論文が多く発表されるようになり、本分野の裾野は確実に広がっています。 ユーザブルセキュリティ・プライバシー論文読破会は、このような発展を考慮し、当初開催されていたSOUPS論文読破会をもとに、SOUPS以外の国際会議も広く対象会議とすることで発展させたイベントです。 本読破会では、参加者同士で協力して本分野の最先端の論文を紹介し合い、参加者が最先端研究を広く把握することを目指します。 また最先端研究の把握を通して、SPT研究会が対象とする分野の国内研究の底上げを図ります。
第6回目となる今回は、2018年11月に開催されたUSP読破会、2019年5月に開催されたUSP読破会2、2019年11月に開催されたUSP読破会3、2020年11月に開催されたUSP読破会4、2021年7月に開催されたUSP読破会5に続く開催です。
開催要項
日時: 2022年11月18日(金) 10:30~17:00
開催形式: ハイブリット開催
現地会場: 千代田区大手町1-8-1 KDDI大手町ビル16階(NICTイノベーションセンター)[交通のご案内(PDF)]
オンライン: Zoom
会場の収容人数に限りがございます。現地参加を希望の方は、早めの申込をお願いします。なお、発表者や学生参加者の現地参加を優先させていただく可能性があり、必ずしも先着順とはならないこと予めご了承願います。現地参加の可否については申込受付後に開催担当より個別にご連絡します。
参加費: 無料
発表者募集(締め切りました)
本読破会で論文を紹介していただける方を募集します。 1論文につき15分程度(質疑込み)でご紹介ください。 紹介のスライドを事前にお送りいただき、当日の参加者と共有します。
発表申込は、定員に達し次第締め切ります。
紹介いただく論文は、前回の読破会以降(2021年8月~2022年11月)に発表された、ユーザブルセキュリティ・プライバシーに関わると考えられる論文からお好きにお選びください。
参考までに、ユーザブルセキュリティ・プライバシー論文が発表されている代表的な国際会議を、本ウェブページの下部にリストアップしました。 ただし、それらの国際会議に限定せず、ヒューマンファクタとセキュリティ・プライバシーを扱った論文を広く受け付けます。
発表希望の方は以下のフォームより申込をお願いします。
USP論文読破会6 発表申込フォーム(Googleフォーム)
ご入力いただく内容:
氏名
所属(会社名・学校名等)
メールアドレス
発表を希望する論文
希望の発表方法(現地 or オンライン)
フォームによる発表申込受付後、紹介いただく論文の確定の連絡を開催担当より差し上げます。
参加者募集 11/17(木) 12:00まで(現地参加は締め切りました)
参加希望の方は以下のフォームより申込をお願いします。発表申込者の参加申込は不要です。
USP論文読破会6 参加申込フォーム(Googleフォーム)
ご入力いただく内容:
氏名
所属(会社名・学校名等)
メールアドレス
希望の参加方法(現地 or オンライン)
お知らせ
研究会非会員の方は、この機会にSPT研究会会員登録をお薦めします。 情報処理学会の学会員の方の登録費は3,600円(税抜)です。
情報処理学会に入会するためには、別途入会金と年会費が必要です。 非会員の方でも研究会登録することができます。 その場合の研究会登録費は4,600円(税抜)です。
研究会の登録の詳細については「研究会に登録する(情報処理学会)」をご参照ください。
参考:ユーザブルセキュリティ・プライバシー論文が発表される代表的な国際会議
ユーザブルセキュリティ・プライバシーに特化した国際会議
EuroUSEC(EuroUSEC'21)
USEC(USEC'22)
セキュリティ・プライバシー全般を取り扱う国際会議
S&P(S&P'22)
USENIX Security(USENIX Security'21, USENIX Security'22)
NDSS(NDSS'22)
PETS(PETS'22)
ACSAC(ACSAC'21)
AsiaCCS(AsiaCCS'22)
EuroS&P(EuroS&P'21, EuroS&P'22)
ESORICS(ESORICS'21, ESORICS'22)
HCI分野の国際会議(セキュリティ・プライバシーに関するセッション有)
運営
お問い合わせ先: uspread 【アットマーク】klab.is.sci.toho-u.ac.jp
運営メンバ:
長谷川 彩子(NICT)
畑島 隆(NTT)
金森 祥子(NICT)
坂本 一仁(DataSign)
金岡 晃(東邦大学)
USP論文読破会5
ユーザブルセキュリティ・プライバシー(USP)論文読破会5
更新日:2021年7月21日
ユーザブルセキュリティ・プライバシー研究とは、セキュリティとプライバシーのユーザビリティに特化した研究領域であり、主にヒューマンファクタに焦点を当ててセキュリティ・プライバシーを議論します。 ユーザブルセキュリティ・プライバシーの研究は世界的な発展を見せており、本分野を専門的に扱う国際会議Symposium on Usable Privacy and Security (SOUPS)への投稿数と採録数も上昇が続いています。 加えて、SOUPSに限らずセキュリティ・プライバシーの難関国際会議で本分野の論文が多く発表されるようになり、本分野の裾野は確実に広がっています。 ユーザブルセキュリティ・プライバシー論文読破会は、このような発展を考慮し、当初開催されていたSOUPS論文読破会をもとに、SOUPS以外の国際会議も広く対象会議とすることで発展させたイベントです。 本読破会では、参加者同士で協力して本分野の最先端の論文を紹介し合い、参加者が最先端研究を広く把握することを目指します。 また最先端研究の把握を通して、SPT研究会が対象とする分野の国内研究の底上げを図ります。
第5回目となる今回は、2018年11月に開催されたUSP読破会、2019年5月に開催されたUSP読破会2、2019年11月に開催されたUSP読破会3、2020年11月に開催されたUSP読破会4に続く開催です。
開催要項
日時:2021年7月21日(水)13:00~18:15
会場:オンライン(Zoom)
参加費
無料
発表者募集(締め切りました)
本読破会で論文を報告していただける方を募集します。 1論文につき15分程度(質疑込み)でご紹介ください。 紹介のスライドを事前にお送りいただいて、当日の参加者と共有いたします。
発表申し込みは、定員に達し次第締め切ります。
論文はこの1年(2020年8月~2021年7月)に発表されたユーザブルセキュリティ・プライバシーに関わると考えられる論文からお好きにお選びください。
発表を希望する論文が前回の論文読破会(USP読破会4)にて既に発表されていないことをご確認の上、お申し込みください。また、
参考までに、ユーザブルセキュリティ・プライバシーの論文が複数発表されている代表的な国際会議を、本ウェブページの下部に「参考:ユーザブルセキュリティ・プライバシーの論文が発表される代表的な国際会議」としてリストアップいたしました。 ただし、それらの国際会議に限定せず、ヒューマンファクタとセキュリティ・プライバシーを扱った論文を広く受け付けます。
発表ご希望の方は、次のフォームより入力してください。
https://docs.google.com/forms/d/1wo-IambiBlUurliGdgQ1aYY88CE6ujUGe_swUak65qg/
入力いただく内容:
氏名
所属(会社名等。学生の場合は学校名)
メールアドレス
希望する論文
担当論文の決定方法について
フォームによる受付後、順次担当する論文を決定させていただきます。 担当が決まった論文は、開催担当より発表者にご連絡し本ページ上でアナウンスいたします。
参加申込
参加ご希望の方は、次のフォームより入力してください。発表者の方は入力不要です。
https://docs.google.com/forms/d/1pM7ZeeTHZeVIpT6DNN7Z91m6Pt669_wa5DAoMOdmwzA/
入力いただく内容:
氏名
所属(会社名等。学生の場合は学校名)
メールアドレス
参加者区別(研究会登録会員、情報処理学会学生会員、一般(非会員))
お知らせ
その他
当日は論文データは共有しませんので、各自でご準備ください。
研究会非会員の方は、この機会にSPT研究会会員登録をお薦めします。 学会員の方の登録費は3,600円(税抜)です!
情報処理学会に入会するためには、別途入会金と年会費が必要になります。 なお非会員の方でも研究会登録することができます。 その場合の研究会登録費は4,600円(税抜)です。
研究会の登録の詳細については「研究会に登録する(情報処理学会)」をご参照ください。
参考:ユーザブルセキュリティ・プライバシーの論文が発表される代表的な国際会議
ユーザブルセキュリティ・プライバシーを専門的に扱う国際会議
SOUPS(SOUPS'20)
EuroUSEC(EuroUSEC'20)
USEC(USEC'21)
セキュリティ・プライバシー全般を取り扱う国際会議
S&P(S&P'21)
USENIX Security(USENIX Security'20)
CCS(CCS'20)
NDSS(NDSS'21)
PETS(PETS'21)
ACSAC(ACSAC'20)
AsiaCCS(AsiaCCS'20)
EuroS&P(EuroS&P'20)
ESORICS(ESORICS'20)
ユーザブルセキュリティ・プライバシーを一部含む、HCI分野の国際会議
運営について
お問い合わせ先
uspread 【アットマーク】klab.is.sci.toho-u.ac.jp
開催担当
長谷川 彩子(NTT研究所)
USP論文読破会4
ユーザブルセキュリティ・プライバシー(USP)論文読破会4
更新日:2020年11月16日
ユーザブルセキュリティ・プライバシーの分野は世界的な発展を見せ、当該分野を専門的に扱う国際会議Symposium on Usable Privacy and Security (SOUPS)への投稿数と採録数も上昇が続いています。 加えて、セキュリティの難関国際会議でもこれらの分野の論文が多く発表されるようになり、裾野は確実に広がっています。 本分野の最先端を幅広く把握するために、SOUPS以外の国際会議も広く対象会議とし、SOUPS論文読破会を発展させたイベントとしてユーザブルセキュリティ・プライバシー論文読破会が開始されました。 本読破会では、参加者同士で協力して発表論文を読破し、内容を紹介することで参加者が本分野の最先端論文を網羅的に把握することを目指します。 また最先端研究を知ることを通してSPT研究会が対象とする分野の国内研究の底上げを図ります。
第3回目となる今回は、2018年11月に開催されたUSP読破会、2019年5月に開催されたUSP読破会2、2019年11月に開催されたUSP読破会3に続く開催です。
開催要項
日時:2020年11月27日(金)10:00~18:00(予定)
会場:オンライン(Zoom)
参加費
無料
発表者募集(締め切りました)
本読破会で論文を報告していただける方を募集します。 1論文につき15分程度(質疑込み)でご紹介ください。 紹介のスライドを事前にお送りいただいて、当日の参加者と共有いたします。
発表申し込みは、定員に達し次第締め切ります。
論文はこの1年(2019年11月~2020年11月)に発表されたユーザブルセキュリティやユーザブルプライバシーに関わると考えられる論文からお好きにお選びください。
参考までに、この1年で発表された論文の中で関わると考えられる論文をページ下部に「参考:代表的な国際会議で発表されたUSP論文4」としてリストアップいたしました。ご参考ください。
発表ご希望の方は、次のフォームより入力してください。
https://forms.gle/nmii55Ch8n2VKdL88
入力いただく内容:
氏名
所属(会社名等。学生の場合は学校名)
メールアドレス
希望する論文
担当論文の決定方法について
フォームによる受付後、順次担当する論文を決定させていただきます。 担当が決まった論文は、担当者より発表者にご連絡し本ページ上でアナウンスいたします。
論文担当情報
Célestin Matte (Inria, France), Nataliia Bielova (Inria, France), Cristiana Santos (Inria, France) : "Do Cookie Banners Respect My Choice? Measuring Legal Compliance of Banners from IAB Europe's Transparancy and Consent Framework" , S&P 2020
担当:坂本一仁(株式会社DataSign)
Joshua Reynolds, University of Illinois at Urbana-Champaign and University of California, Berkeley and International Computer Science Institute; Nikita Samarin, University of California, Berkeley and International Computer Science Institute; Joseph Barnes, Taylor Judd, Joshua Mason, and Michael Bailey, University of Illinois at Urbana-Champaign; Serge Egelman, University of California, Berkeley and International Computer Science Institute : "Empirical Measurement of Systemic 2FA Usability" , USENIX Security '20
担当:藤田真浩(三菱電機株式会社)
Anastasia Danilova, Alena Naiakshina, and Johanna Deuter, University of Bonn; Matthew Smith, University of Bonn and Fraunhofer FKIE : "Replication: On the Ecological Validity of Online Security Developer Studies: Exploring Deception in a Password-Storage Study with Freelancers" , SOUPS 2020
担当:秋山満昭(NTTセキュアプラットフォーム研究所)
Martin Ukrop, Masaryk University; Lydia Kraus, Masaryk University; Vashek Matyas, Masaryk University; Heider Ahmad Mutleq Wahsheh, Ca' Foscari University of Venice : "Will You Trust This TLS Certificate? Perceptions of People Working in IT" , ACSAC 2019
担当:Yuji Suga(Internet Initiative Japan Inc.)
Philipp Markert (Ruhr University Bochum), Daniel Bailey (Ruhr University Bochum), Maximilian Golla (Max Planck Institute for Security and Privacy), Markus Dürmuth (Ruhr University Bochum), Adam Aviv (The George Washington University) : "This PIN Can Be Easily Guessed: Analyzing the Security of Smartphone Unlock PINs" , S&P 2020
担当:江原知志(電気通信大学)
Endsley, M.R : "Toward a Theory of Situation Awareness in Dynamic" , Systems. Human Factors Journal 37(1), 32-64 (1995)
担当:村山優子(津田塾大学)
Agnieszka Kitkowska, Karlstad University; Mark Warner, Northumbria University; Yefim Shulman, Tel Aviv University; Erik Wästlund and Leonardo A. Martucci, Karlstad University : "Enhancing Privacy through the Visual Design of Privacy Notices: Exploring the Interplay of Curiosity, Control and Affect" , SOUPS 2020
担当:金森祥子(国立研究開発法人情報通信研究機構)
Rebecca Jeong and Sonia Chiasson : "'Lime', 'Open Lock', and 'Blocked': Children's Perception of Colors, Symbols, and Words in Cybersecurity Warnings" , CHI 2020
担当:坪根 恵(早稲田大学)
Sara Albakry, Kami Vaniea, and Maria K. Wolters : "What is this URL's Destination? Empirical Evaluation of Users' URL Reading" , CHI 2020
担当:長谷川彩子(NTTセキュアプラットフォーム研究所)
Hiroaki Masaki, Kengo Shibata, Shui Hoshino, Takahiro Ishihama, Nagayuki Saito, and Koji Yatani : "Exploring Nudge Designs to Help Adolescent SNS Users Avoid Privacy and Safety Threats" , CHI 2020
担当:横山 佳紀(電気通信大学)
Daniel Votipka, Kelsey R. Fulton, James Parker, Matthew Hou, Michelle L. Mazurek, and Michael Hicks, University of Maryland : "Understanding security mistakes developers make: Qualitative analysis from Build It, Break It, Fix It" , USENIX Security '20
担当:ももいやすなり(株式会社インターネットイニシアティブ)
Benjamin Zi Hao Zhao (University of New South Wales and Data61 CSIRO), Hassan Jameel Asghar (Macquarie University and Data61 CSIRO), Mohamed Ali Kaafar (Macquarie University and Data61 CSIRO) : "On the Resilience of Biometric Authentication Systems against Random Inputs" , NDSS 2020
担当:大木哲史(静岡大学)
Joshua Tan (Carnegie Mellon University); Lujo Bauer (Carnegie Mellon University); Nicolas Christin (Carnegie Mellon University); Lorrie Faith Cranor (Carnegie Mellon University) : "Practical Recommendations for Stronger, More Usable Passwords Combining Minimum-strength, Minimum-length, and Blocklist Requirements" , CCS 2020
担当:金岡晃(東邦大学)
Benjamin Maximilian Reinheimer, Lukas Aldag, Peter Mayer, Mattia Mossano, and Reyhan Duezguen, Karlsruhe Institute of Technology; Bettina Lofthouse, Landesamt für Geoinformation und Landesvermessung Niedersachsen; Tatiana von Landesberger, Technische Universität Darmstadt; Melanie Volkamer, Karlsruhe Institute of Technology : "An investigation of phishing awareness and education over time: When and how to best remind users" , SOUPS 2020
担当:河田真由子(株式会社富士通研究所)
参加申込
参加ご希望の方は、次のフォームより入力してください。発表者の方は入力不要です。
https://forms.gle/2uVhQQsZmQPyoxHv8
入力いただく内容:
氏名
所属(会社名等。学生の場合は学校名)
メールアドレス
参加者区別(研究会登録会員、情報処理学会学生会員、一般(非会員))
お知らせ
その他
当日は論文データは共有しませんので、各自でご準備ください。
研究会非会員の方は、この機会にSPT研究会会員登録をお薦めします。 学会員の方の登録費は3,600円(税抜)です!
情報処理学会に入会するためには、別途入会金と年会費が必要になります。 なお非会員の方でも研究会登録することができます。 その場合の研究会登録費は4,600円(税抜)です。
研究会の登録の詳細については「研究会に登録する(情報処理学会)」をご参照ください。
参考:代表的な国際会議で発表されたUSP論文4
EIGER: Automated IOC Generation for Accurate and Interpretable Endpoint Malware Detection
Yuma Kurogome, NTT Secure Platform Laboratories; Yuto Otsuki, NTT Secure Platform Laboratories; Yuhei Kawakoya, NTT Secure Platform Laboratories; Makoto Iwamura, NTT Secure Platform Laboratories; Syogo Hayashi, NTT Security (Japan) KK; Tatsuya Mori, Waseda University / NICT; Koushik Sen, University of California, Berkeley
Your Hashed IP Address: Ubuntu - Perspectives on Transparency Tools for Online Advertising
Tobias Urban, Institute for Internet Security, Westphalian University of Applied Sciences; Martin Degeling, Ruhr University Bochum; Horst Gortz Institute for IT Security; Thorsten Holz, Ruhr University Bochum; Horst Gortz Institute for IT Security; Norbert Pohlmann, Institute for Internet Security, Westphalian University of Applied Sciences
Will You Trust This TLS Certificate? Perceptions of People Working in IT
Martin Ukrop, Masaryk University; Lydia Kraus, Masaryk University; Vashek Matyas, Masaryk University; Heider Ahmad Mutleq Wahsheh, Ca' Foscari University of Venice
I Know What You Did Last Login: Inconsistent Messages Tell Existence of a Target's Account to Insiders
Ayako Akiyama Hasegawa, NTT Secure Platform Laboratories; Takuya Watanabe, NTT Secure Platform Laboratories; Eitaro Shioji, NTT Secure Platform Laboratories; Mitsuaki Akiyama, NTT Secure Platform Laboratories
Open Market or Ghost Town? The Curious Case of OpenBazaar
James E. Arps (Carnegie Mellon University), Nicolas Christin (Carnegie Mellon University)
Surviving the Cryptojungle: Perception and Management of Risk Among North American Cryptocurrency (Non)Users
Artemij Voskobojnikov (University of British Columbia), Borke Obada-Obieh (University of British Columbia), Yue Huang (University of British Columbia), Konstantin Beznosov (University of British Columbia)
A Tale of Two Browsers: Understanding User’s Web Browser Choices in South Korea -
Simon Woo, Hyoungshick Kim, Ji Won Choi, Soyoon Jeon, Jihye Woo and Joon Han
User-Centered Risk Communication for Safer Browsing
Sanchari Das, Jacob Abbott, Shakthidhar Gopavaram, Jim Blythe and L. Jean Camp.
Secure Email – A Usability Study
Adrian Reuter, Ahmed Abdelmaksoud, Wadie Lemrazzeq, Karima Boudaoud and Marco Winckler
The Effects of Cue Utilization and Cognitive Load in the Detection of Phishing Emails,
George Nasser, Ben Morrison, Piers Bayl-Smith, Ronnie Taib, Michael Gayed, and Mark Wiggins
Cue Utilization, Phishing Feature and Phishing Email Detection
Piers Bayl-Smith, Daniel Sturman and Mark Wiggins
Dis-Empowerment Online- An Investigation of Privacy & Sharing Perceptions & Method Preferences
KovilaP.L.Coopamootoo
Security and Privacy Awareness in Smart Environments – A Cross-Country Investigation,
Oksana Kulyk, Benjamin Maximilian Reinheimer, Lukas Aldag, Peter Mayer, Nina Gerber, Melanie Volkamer.
Understanding Perceptions of Smart Devices
Hilda Hadan, Sameer Patil
In Our Employer We Trust: Mental Models of Office Worker’s Privacy Perceptions
Jan Tolsdorf and Florian Dehling
Behaviour of Outsourced Employees as Sources of Information System Security Threats
David Oyebisi and Kennedy Njenga
Exploring Effects of Auditory Stimuli on CAPTCHA Performance
Gene Tsudik, Tyler Kaczmarek, Bruce Berg, Alfred Kobsa
PassPage: Graphical Password Authentication Scheme Based on Web Browsing Records
Xian Chu, Huiping Sun, Zhong Chen
Empathy as a Response to Frustration in Password Choice
Kovila P.L. Coopamootoo
Fixing the Fixes: Assessing the Solutions of SAST Tools for Securing Password Storage
Harshal Tupsamudre,Monika Sahu,Kumar Vidhani,Sachin Lodha
Incorporating Psychology into Cyber Security Education: A Pedagogical Approach
Jacqui Taylor-Jackson, John McAlaney, Jeff Foster, Abubakar Bello, Alana Maurushat, John Dale
Are You Going to Answer That? Measuring User Responses to Anti-Robocall Application Indicators
Imani N. Sherman (University of Florida), Jasmine D. Bowers (University of Florida), Keith McNamara Jr. (University of Florida), Juan E. Gilbert (University of Florida), Jaime Ruiz (University of Florida), Patrick Traynor (University of Florida)
OcuLock: Exploring Human Visual System for Authentication in Virtual Reality Head-mounted Display
Shiqing Luo (Georgia State University), Anh Nguyen (Georgia State University), Chen Song (San Diego State University), Feng Lin (Zhejiang University), Wenyao Xu (SUNY Buffalo), Zhisheng Yan (Georgia State University)
On the Resilience of Biometric Authentication Systems against Random Inputs
Benjamin Zi Hao Zhao (University of New South Wales and Data61 CSIRO), Hassan Jameel Asghar (Macquarie University and Data61 CSIRO), Mohamed Ali Kaafar (Macquarie University and Data61 CSIRO)
Strong Authentication without Temper-Resistant Hardware and Application to Federated Identities
Zhenfeng Zhang (Chinese Academy of Sciences, University of Chinese Academy of Sciences, and The Joint Academy of Blockchain Innovation), Yuchen Wang (Chinese Academy of Sciences and University of Chinese Academy of Sciences), Kang Yang (State Key Laboratory of Cryptology)
A View from the Cockpit: Exploring Pilot Reactions to Attacks on Avionic Systems
Matthew Smith (University of Oxford), Martin Strohmeier (University of Oxford), Jonathan Harman (Vrije Universiteit Amsterdam), Vincent Lenders (armasuisse Science and Technology), Ivan Martinovic (University of Oxford)
Genotype Extraction and False Relative Attacks: Security Risks to Third-Party Genetic Genealogy Services Beyond Identity Inference
Peter Ney (University of Washington), Luis Ceze (University of Washington), Tadayoshi Kohno (University of Washington)
Complex Security Policy? A Longitudinal Analysis of Deployed Content Security Policies
Sebastian Roth (CISPA Helmholtz Center for Information Security), Timothy Barron (Stony Brook University), Stefano Calzavara (Università Ca' Foscari Venezia), Nick Nikiforakis (Stony Brook University), Ben Stock (CISPA Helmholtz Center for Information Security)
Into the Deep Web: Understanding E-commerce Fraud from Autonomous Chat with Cybercriminals
Peng Wang (Indiana University Bloomington), Xiaojing Liao (Indiana University Bloomington), Yue Qin (Indiana University Bloomington), XiaoFeng Wang (Indiana University Bloomington)
Compliance Cautions: Investigating Security Issues Associated with U.S. Digital-Security Standards
Rock Stevens (University of Maryland), Josiah Dykstra (Independent Security Researcher), Wendy Knox Everette (Leviathan Security Group), James Chapman (Independent Security Researcher), Garrett Bladow (Dragos), Alexander Farmer (Independent Security Researcher), Kevin Halliday (University of Maryland), Michelle L. Mazurek (University of Maryland)
"Addressing Anonymous Abuses: Measuring the Effects of Technical Mechanisms on Reported User Behaviors "
Wajeeha Ahmad and Ilaria Liccardi
"Amazon vs. My Brother: How Users of Shared Smart Speakers Perceive and Cope with Privacy Risks "
Yue Huang, Borke Obada-Obieh, and Konstantin (Kosta) Beznosov
"Arseing around was Fun!" Humor as a Resource in Design and Making
NettaIivari, Marianne Kinnula, LeenaKuure and TiinaKeisanen
"Bug or Feature? Covert Impairments to Human Computer Interaction "
John V. Monaco
"Building and Validating a Scale for Secure Software Development Self-Efficacy "
Daniel J Votipka, Desiree Abrokwa, and Michelle L. Mazurek
"Circle of Trust: A New Approach to Mobile Online Safety for Families "
Arup Kumar Ghosh, Charles E. Hughes, and Pamela J. Wisniewski
"Dark Patterns after the GDPR: Scraping Consent Pop-ups and Demonstrating their Influence "
Midas Nouwens, Ilaria Liccardi, Michael Veale, David Karger, and Lalana Kagal
Does Context in Privacy Communication Really Matter? A Survey on Consumer Concerns and Preferences
Nico Ebert, Kurt Alexander Ackermann and Peter Heinrich
"Effects of Credibility Indicators on Social Media News Sharing Intent "
Waheeb Yaqub, Otari Kakhidze, Morgan L. Brockman, Nasir Memon, and Sameer Patil
"Evaluating 'Prefer not to say' Around Sensitive Disclosures "
Mark Warner, Agnieszka Kitkowska, Jo Gibbs, Juan F. Maestre, and Ann Blandford
"Evaluating the End-User Experience of Private Browsing Mode "
Ruba Abu-Salma and Benjamin Livshits
"Evaluating the Information Security Awareness of Smartphone Users "
Ron Bitton, Kobi Boymgold, Rami Puzis, and Asaf Shabtai
"Examining the Adoption and Abandonment of Security, Privacy, and Identity Theft Protection Practices "
Yixin Zou, Kevin Roundy, Acar Tamersoy, Saurabh Shintre, johann roturier, and Florian Schaub
"Exploring Nudge Designs to Help Adolescent SNS Users Avoid Privacy and Safety Threats "
Hiroaki Masaki, Kengo Shibata, Shui Hoshino, Takahiro Ishihama, Nagayuki Saito, and Koji Yatani
"How Mandatory Second Factor Affects the Authentication User Experience "
Jacob Abbott and Sameer Patil
"I'm All Eyes and Ears: Exploring Effective Locators for Privacy Awareness in IoT Scenarios "
Yunpeng Song, Yun Huang, Zhongmin Cai, and Jason I. Hong
"I'm hoping they're an ethical company that won't do anything that I'll regret": Users Perceptions of At-home DNA Testing Companies
Khadija Baig, Reham Mohamed, Anna-Lena Theus, and Sonia Chiasson
"Informing the Design of a Personalized Privacy Assistant for the Internet of Things "
Jessica Colnago, Yuanyuan Feng, Tharangini Palanivel, Sarah Pearman, Megan Ung, Alessandro Acquisti, Lorrie Faith Cranor, and Norman Sadeh
"""It's a scavenger hunt"": Usability of Websites' Opt-Out and Data Deletion Choices "
Hana Habib, Sarah Pearman, Jiamin Wang, Yixin Zou, Alessandro Acquisti, Lorrie Faith Cranor, Norman Sadeh, and Florian Schaub
"Let's Talk about Sext: How Adolescents Seek Support and Advice about Their Online Sexual Experiences "
Afsaneh Razi, Karla Badillo-Urquiola and Pamela J. Wisniewski
Lime', 'Open Lock', and 'Blocked': Children's Perception of Colors, Symbols, and Words in Cybersecurity Warnings
Rebecca Jeong and Sonia Chiasson
"Listen to Developers! A Participatory Design Study on Security Warnings for Cryptographic APIs "
Peter Leo Gorski, Yasemin Acar, Luigi Lo Iacono, and Sascha Fahl
"Measuring Identity Confusion with Uniform Resource Locators "
Joshua Reynolds, Deepak Kumar, Zane Ma, Rohan C Subramanian, Meishan Wu, Martin Shelton, Joshua Mason, Emily Stark, and Michael Bailey
On Conducting Security Developer Studies with CS Students: Examining a Password-Storage Study with CS Students, Freelancers, and Company Developers
Alena Naiakshina, Anastasia Danilova, Eva Gerlitz, and Matthew Smith
"Online Privacy Heuristics that Predict Information Disclosure "
S. Shyam Sundar, Jinyoung Kim, Mary Beth Rosson and Maria D. Molina
Ownership, Privacy, and Control in the Wake of Cambridge Analytica: The Relationship between Attitudes and Awareness
Frank M. Shipman and Catherine C. Marshall
Private Responses for Public Sharing: Understanding Self-Presentation and Relational Maintenance via Stories in Social Media
Penny Triệu and Nancy K. Baym
Robocalling: STIRRED AND SHAKEN! – An Investigation of Calling Displays on Trust and Answer Rates
Gregory W. Edwards, Michael J. Gonzales, and Marc A. Sullivan
Taking Data Out of Context to Hyper-Personalize Ads: Crowdworkers' Privacy Perceptions and Decisions to Disclose Private Information
Julia Hanson, Miranda Wei, Sophie Veys, Matthew Kugler, Lior Strahilevitz, and Blase Ur
"The Burden of Ending Online Account Sharing "
Borke Obada-Obieh, Yue Huang, and Konstantin Beznosov
"The Influence of Decaying the Representation of Older Social Media Content on Simulated Hiring Decisions "
Reham Mohamed, Paulina Chametka, and Sonia Chiasson
"The Politics of Privacy Theories: Moving from Norms to Vulnerabilities "
Nora McDonald and Andrea Forte
"The Role of Eye Gaze in Security and Privacy Applications: Survey and Future HCI Research Directions "
Christina Katsini, Yasmeen Abdrabou, George E. Raptis, Mohamed Khamis, and Florian Alt
"Towards A Taxonomy of Content Sensitivity and Sharing Preferences for Photos "
Yifang Li, Nishant Vishwamitra, Hongxin Hu, and Kelly Caine
"Understanding Cybersecurity Practices in Emergency Departments "
Elizabeth Stobert, David Barrera, Valérie Homier, and Daniel Kollek
"Understanding Fitness Tracker Users' Security and Privacy Knowledge, Attitudes and Behaviours "
Sandra Gabriele and Sonia Chiasson
"Understanding Privacy-Related Questions on Stack Overflow "
Mohammad Tahaei, Kami Vaniea, and Naomi Saphra
"User Experiences with Online Status Indicators "
Camille Cobb, Lucy Simko, Tadayoshi Kohno, and Alexis Hiniker
"""We Hold Each Other Accountable"": Unpacking How Social Groups Approach Cybersecurity and Privacy Together "
Hue Watson, Eyitemi Moju-Igbene, Akanksha Kumari, and Sauvik Das
"What is this URL's Destination? Empirical Evaluation of Users' URL Reading "
Sara Albakry, Kami Vaniea, and Maria K. Wolters
"Why Johnny Can't Unsubscribe: Barriers to Stopping Unwanted Email "
Jayati Dev, Emilee Rader, and Sameer Patil
"Will Deleting History Make Alexa More Trustworthy? Effects of Privacy and Content Customization on User Experience of Smart Speakers "
Eugene Cho, S. ShyamSundar, Saeed Abdullah and NasimMotalebi
"Is FIDO2 the Kingslayer of User Authentication? A Comparative Usability Study of FIDO2 Passwordless Authentication"
Sanam Ghorbani Lyastani (CISPA Helmholtz Center for Information Security, Germany), Michael Schilling (CISPA Helmholtz Center for Information Security, Germany), Michaela Neumayr (CISPA Helmholtz Center for Information Security, Germany), Michael Backes (CISPA Helmholtz Center for Information Security, Germany), Sven Bugiel (CISPA Helmholtz Center for Information Security, Germany)
"This PIN Can Be Easily Guessed: Analyzing the Security of Smartphone Unlock PINs"
"Philipp Markert (Ruhr University Bochum), Daniel Bailey (Ruhr University Bochum), Maximilian Golla (Max Planck Institute for Security and Privacy), Markus Dürmuth (Ruhr University Bochum), Adam Aviv (The George Washington University) "
"Gesture Authentication for Smartphones: Evaluation of Gesture Password Selection Policies"
"Eunyong Cheon (UNIST, Republic of Korea), Yonghwan Shin (UNIST, Republic of Korea), Jun Ho Huh (Samsung Research, Republic of Korea), Hyoungshick Kim (Sungkyunkwan University, Republic of Korea), Ian Oakley (UNIST, Republic of Korea) "
Do Cookie Banners Respect My Choice? Measuring Legal Compliance of Banners from IAB Europe's Transparancy and Consent Framework
"Célestin Matte (Inria, France), Nataliia Bielova (Inria, France), Cristiana Santos (Inria, France) "
"Influencing Photo Sharing Decisions on Social Media: A Case of Paradoxical Findings"
"Mary Jean Amon (University of Colorado Boulder), Rakibul Hasan (Indiana University), Kurt Hugenberg (Indiana University), Bennett Bertenthal (Indiana University), Apu Kapadia (Indiana University) "
Passworld: A Serious Game to Promote Password Awareness and Diversity in an Enterprise
Gokul Chettoor Jayakrishnan, Gangadhara Reddy Sirigireddy, Sukanya Vaddepalli, Vijayanand Banahatti, and Sachin Premsukh Lodha, Sankalp Suneel Pandit, TCS Research, Tata Consultancy Services Limited
“You still use the password after all” – Exploring FIDO2 Security Keys in a Small Company
Florian M. Farke, Ruhr University Bochum; Lennart Lorenz, tracekey solutions GmbH; Theodor Schnitzler, Philipp Markert, and Markus Dürmuth, Ruhr University Bochum
Knock, Knock. Who’s There? On the Security of LG’s Knock Codes
Raina Samuel, New Jersey Institute of Technology; Philipp Markert, Ruhr University Bochum, Germany; Adam J. Aviv, The George Washington University; Iulian Neamtiu, New Jersey Institute of Technology
An Empirical Study of Wireless Carrier Authentication for SIM Swaps
"Kevin Lee, Benjamin Kaiser, Jonathan Mayer, and Arvind Narayanan, Princeton University "
Lessons Learnt from Comparing WhatsApp Privacy Concerns Across Saudi and Indian Populations
"Jayati Dev, Indiana University; Pablo Moriano, Oak Ridge National Laboratory; L. Jean Camp, Indiana University "
Realizing Choice: Online Safeguards for Couples Adapting to Cognitive Challenges
Nora McDonald, Alison Larsen, and Allison Battisti, University of Maryland, Baltimore County; Galina Madjaroff, University of Maryland; Aaron Massey and Helena Mentis, University of Maryland, Baltimore County
Blind and Human: Exploring More Usable Audio CAPTCHA Designs
"Valerie Fanelle, Sepideh Karimi, Aditi Shah, Bharath Subramanian, and Sauvik Das, Georgia Institute of Technology "
Usable Sexurity: Studying People’s Concerns and Strategies When Sexting
"Christine Geeng, Jevan Hutson, and Franziska Roesner, University of Washington "
Towards Understanding Privacy and Trust in Online Reporting of Sexual Assault
Borke Obada-Obieh, The University of British Columbia; Lucrezia Spagnolo, Vesta Social Innovation Technologies; Konstantin (Kosta) Beznosov, University of British Columbia
Replication: On the Ecological Validity of Online Security Developer Studies: Exploring Deception in a Password-Storage Study with Freelancers
"Anastasia Danilova, Alena Naiakshina, and Johanna Deuter, University of Bonn; Matthew Smith, University of Bonn and Fraunhofer FKIE "
Innovation Inaction or In Action? The Role of User Experience in the Security and Privacy Design of Smart Home Cameras
"George Chalhoub and Ivan Flechais, University of Oxford; Norbert Nthala, Michigan State University; Ruba Abu-Salma, University College London (UCL) & Inria "
An Ethnographic Understanding of Software (In)Security and a Co-Creation Model to Improve Secure Software Development
"Hernan Palombo, Armin Ziaie Tabari, Daniel Lende, Jay Ligatti, and Xinming Ou, University of South Florida "
Why Can't Johnny Fix Vulnerabilities: A Usability Evaluation of Static Analysis Tools for Security
"Justin Smith, Lafayette College; Lisa Nguyen Quang Do and Emerson Murphy-Hill, Google "
Security, Availability, and Multiple Information Sources: Exploring Update Behavior of System Administrators
Christian Tiefenau and Maximilian Häring, University of Bonn; Katharina Krombholz, CISPA Helmholtz Center for Information Security; Emanuel von Zezschwitz, University of Bonn and Fraunhofer FKIE
An investigation of phishing awareness and education over time: When and how to best remind users
Benjamin Maximilian Reinheimer, Lukas Aldag, Peter Mayer, Mattia Mossano, and Reyhan Duezguen, Karlsruhe Institute of Technology; Bettina Lofthouse, Landesamt für Geoinformation und Landesvermessung Niedersachsen; Tatiana von Landesberger, Technische Universität Darmstadt; Melanie Volkamer, Karlsruhe Institute of Technology
An Exploratory Study of Hardware Reverse Engineering — Technical and Cognitive Processes
Steffen Becker, Carina Wiesen, and Nils Albartus, Ruhr University Bochum and Max Planck Institute for Cybersecurity and Privacy; Nikol Rummel, Ruhr University Bochum; Christof Paar, Max Planck Institute for Cybersecurity and Privacy
Industry Responses to the European Directive on Security of Network and Information Systems (NIS): Understanding policy implementation practices across critical infrastructures
"Ola Aleksandra Michalec, Dirk van der Linden, Sveta Milyaeva, and Awais Rashid, University of Bristol "
"You've Got Your Nice List of Bugs, Now What?" Vulnerability Discovery and Management Processes in the Wild
Noura Alomar, University of California, Berkeley; Primal Wijesekera, UC Berkeley / ICSI; Edward Qiu, University of California, Berkeley; Serge Egelman, UC Berkeley / ICSI
User Mental Models of Cryptocurrency Systems - A Grounded Theory Approach
"Alexandra Mai and Katharina Pfeffer, SBA Research; Matthias Gusenbauer, Tokyo Institute of Technology and SBA Research; Edgar Weippl, University of Vienna; Katharina Krombholz, CISPA Helmholtz Center for Information Security "
Cloudy with a Chance of Misconceptions: Exploring Users' Perceptions and Expectations of Security and Privacy in Cloud Office Suites
"Dominik Wermke, Nicolas Huaman, Christian Stransky, Niklas Busch, Yasemin Acar, and Sascha Fahl, Leibniz University Hannover "
From Intent to Action: Nudging Users Towards Secure Mobile Payments
"Peter Story, Daniel Smullen, Alessandro Acquisti, Lorrie Faith Cranor, and Norman Sadeh, Carnegie Mellon University; Florian Schaub, University of Michigan "
Do Privacy and Security Matter to Everyone? Quantifying and Clustering User-Centric Considerations About Smart Home Device Adoption
"Natã M. Barbosa, Zhuohao Zhang, and Yang Wang, University of Illinois at Urbana-Champaign "
Enhancing Privacy through the Visual Design of Privacy Notices: Exploring the Interplay of Curiosity, Control and Affect
Agnieszka Kitkowska, Karlstad University; Mark Warner, Northumbria University; Yefim Shulman, Tel Aviv University; Erik Wästlund and Leonardo A. Martucci, Karlstad University
"I Have a Narrow Thought Process": Constraints on Explanations Connecting Inferences and Self-Perceptions
"Emilee Rader, Samantha Hautea, and Anjali Munasinghe, Michigan State University "
Replication: Why We Still Can't Browse in Peace: On the Uniqueness and Reidentifiability of Web Browsing Histories
"Sarah Bird, Ilana Segall, and Martin Lopatka, Mozilla "
How Risky Are Real Users' IFTTT Applets?
Camille Cobb and Milijana Surbatovich, Carnegie Mellon University; Anna Kawakami, Wellesley College; Mahmood Sharif, NortonLifeLock; Lujo Bauer, Carnegie Mellon University; Anupam Das, North Carolina State University; Limin Jia, Carnegie Mellon University
"I am uncomfortable sharing what I can't see": Privacy Concerns of the Visually Impaired with Camera Based Assistive Applications
Taslima Akter, Indiana University Bloomington; Bryan Dosono, Syracuse University; Tousif Ahmed and Apu Kapadia, Indiana University Bloomington; Bryan Semaan, Syracuse University
Understanding security mistakes developers make: Qualitative analysis from Build It, Break It, Fix It
Daniel Votipka, Kelsey R. Fulton, James Parker, Matthew Hou, Michelle L. Mazurek, and Michael Hicks, University of Maryland
A Comprehensive Quality Evaluation of Security and Privacy Advice on the Web
Elissa M. Redmiles, Microsoft Research; Noel Warford, Amritha Jayanti, and Aravind Koneru, University of Maryland; Sean Kross, University of California, San Diego; Miraida Morales, Rutgers University; Rock Stevens and Michelle L. Mazurek, University of Maryland
Empirical Measurement of Systemic 2FA Usability
Joshua Reynolds, University of Illinois at Urbana-Champaign and University of California, Berkeley and International Computer Science Institute; Nikita Samarin, University of California, Berkeley and International Computer Science Institute; Joseph Barnes, Taylor Judd, Joshua Mason, and Michael Bailey, University of Illinois at Urbana-Champaign; Serge Egelman, University of California, Berkeley and International Computer Science Institute
What Twitter Knows: Characterizing Ad Targeting Practices, User Perceptions, and Ad Explanations Through Users' Own Twitter Data
Miranda Wei, University of Washington / University of Chicago; Madison Stamos and Sophie Veys, University of Chicago; Nathan Reitinger and Justin Goodman, University of Maryland; Margot Herman, University of Chicago; Dorota Filipczuk, University of Southampton; Ben Weinshel, University of Chicago; Michelle L. Mazurek, University of Maryland; Blase Ur, University of Chicago
The Impact of Ad-Blockers on Product Search and Purchase Behavior: A Lab Experiment
"Alisa Frik, International Computer Science Institute / UC Berkeley; Amelia Haviland and Alessandro Acquisti, Heinz College, Carnegie Mellon University "
An Observational Investigation of Reverse Engineers’ Processes
Daniel Votipka and Seth Rabin, University of Maryland; Kristopher Micinski, Syracuse University; Jeffrey S. Foster, Tufts University; Michelle L. Mazurek, University of Maryland
The Tools and Tactics Used in Intimate Partner Surveillance: An Analysis of Online Infidelity Forums
Emily Tseng, Cornell University; Rosanna Bellini, Open Lab, Newcastle University; Nora McDonald, University of Maryland, Baltimore County; Matan Danos, Weizmann Institute of Science; Rachel Greenstadt and Damon McCoy, New York University; Nicola Dell and Thomas Ristenpart, Cornell Tech
DatashareNetwork: A Decentralized Privacy-Preserving Search Engine for Investigative Journalists
Kasra Edalatnejad and Wouter Lueks, EPFL; Julien Pierre Martin, unaffiliated; Soline Ledésert, Anne L'Hôte, and Bruno Thomas, ICIJ; Laurent Girod and Carmela Troncoso, EPFL
I have too much respect for my elders': Understanding South African Mobile Users' Perceptions of Privacy and Current Behaviors on Facebook and WhatsApp
"Jake Reichel, Fleming Peck, Mikako Inaba, Bisrat Moges, and Brahmnoor Singh Chawla, Princeton University; Marshini Chetty, University of Chicago "
From Needs to Actions to Secure Apps? The Effect of Requirements and Developer Practices on App Security
"Charles Weir, Lancaster University; Ben Hermann, Paderborn University; Sascha Fahl, Leibniz University Hannover "
Multi-country Study of Third Party Trackers from Real Browser Histories
X. Hu, G. Suarez-Tangil, N. Sastry
X-Men: A Mutation-Based Approach for the Formal Analysis of Security Ceremonies
D. Sempreboni, L. Vigano
"Anyone Else Seeing this Error?": Community, System Administrators, and Patch Information
A. Jenkins, P. Kalligeros, M. Wolters, K. Vaniea
User Attitudes On Direct-to-Consumer Genetic Testing
D. Saha, A. Chan, B. Stacy, K. Javkar, S. Patkar, M. Mazurek
A Cross-Platform Evaluation of User Online Privacy
Maryam Mehrnezhad (Newcastle University)
Data Sharing in Mobile Apps — User Privacy Expectations in Europe
Nils Quermann (Ruhr-Universitat Bochum), Martin Degeling (Ruhr-Universitat Bochum
GDPR Reality Check – Claiming and Investigating Personally Identifiable Data from Companies
Fatemeh Alizadeh (University of Siegen); Timo Jakobi (University of Siegen); Alexander Boden (Fraunhofer Institute for Applied Information Technology); Gunnar Stevens (University of Siegen); Jens Boldt (University of Siegen)
Analysis of Publicly Available Anti-Phishing Webpages: Contradicting Information, Lack of Concrete Advice and Very Narrow Attack Vector
Mattia Mossano (Karlsruhe Institute of Technology), Kami Vaniea (University of Edinburgh), Lukas Aldag (Karlsruhe Institute of Technology), Reyhan Duzgun (Karlsruhe Institute of Technology), Peter Mayer (Karlsruhe Institute of Technology), Melanie Volkamer (Karlsruhe Institute of Technology)
Investigating Teenagers' Ability to Detect Phishing Messages
James Nicholson (Northumbria University), Yousra Javed (National University of Sciences and Technology), Matt Dixon (Northumbria University), Lyne Coventry (Northumbria University), Opeyemi Dele Ajayi (Northumbria University), Philip Anderson (Northumbria University)
Do Women in Conservative Societies (Not) Follow Smartphone Security Advice? A Case Study of Saudi Arabia and Pakistan
Elham Al Qahtani (UNC Charlotte), Yousra Javed (National University of Sciences & Technology), Heather Lipford (UNC Charlotte), Mohamed Shehab (UNC Charlotte)
Vision: I Don't Want to Use My Phone! A Cognitive Walkthrough for YubiKeys
Claudia Bischoff (University of Bonn); Eva Gerlitz (FraunhoferKIE); Matthew Smith (University of Bonn /raunhoferKIE)
Vision: Investigating Web APIeveloper Experience in Relation to Terms of Service andrivacyolicies
Aidah Ichario (Heriot-Watt University), Manuel Maarek (Heriot-Watt University)
Vision: Shred If Insecure –ersuasive Messageesign as a Lesson and Alternative torevious Approaches to Usable Secure Email Interface
Jan Tolsdorf (TH Köln - University of Applied Sciences); Luigi Lo Iacono (Hochschule Bonn-Rhein-Sieg
Vision: What If They Allie? Crypto Requirementsor Keyeople
Chan Nam Ngo (University of Trento);anieleriolo (Sapienza University of Rome);abio Massacci (University of Trento);aniele Venturi (Sapienza University of Rome); Ettore Battaiola (Cassa Centrale Banca
Vision: Why Johnny Can't Configure Smart Home? A Behaviouralrameworkor Smart Homerivacy Configuratio
Joseph Shams (King's College London), Nalin A. G. Arachchilage (La Trobe University), Jose M. Such (King's College London)
Simulating the Effects of Social Presence on Trust, Privacy Concerns & Usage Intentions in Automated Bots for Finance
Magdalene Ng (Newcastle University), Kovila P.L. Coopamootoo (Newcastle University), Ehsan Toreini (Newcastle University), Mhairi Aitken (Newcastle University), Karen Elliot (Newcastle University), Aad van Moorsel (Newcastle University)
Cash, Cards or Cryptocurrencies? A Study of Payment Culture in Four Countries
Karoline Busse (University of Bonn), Mohammad Tahaei (University of Edinburgh), Katharina Krombholz (CISPA Helmholtz Center for Information Security), Emanuel von Zezschwitz (University of Bonn), Matthew Smith (University of Bonn/Fraunhofer FKIE), Jing Tian (Zhejiang University), Wenyuan Xu (Zhejiang University)
Improving Non-Experts' Understanding of End-to-End Encryption: An Exploratory Study
Wei Bai (University of Maryland), Michael Pearson (University of Maryland), Patrick Gage Kelley (Google), Michelle L. Mazurek (University of Maryland)
Making Encryption Feel Secure: Investigating how Descriptions of Encryption Impact Perceived Security
Verena Distler (University of Luxembourg); Carine Lallemand (University of Luxembourg / Eindhoven University of Technology); Vincent Koenig (University of Luxembourg)
End User and Expert Perceptions of Threats and Potential Countermeasures
Simon Anell (CISPA Helmholtz Center for Information Security), Lea Grober (CISPA Helmholtz Center for Information Security), Katharina Krombholz (CISPA Helmholtz Center for Information Security)
Security Should Be There By Default: Investigating How Journalists Perceive and Respond to Risks From the Internet of Things
Anjuli R. K. Shere (University of Oxford); Jason R. C. Nurse (University of Kent); Ivan Flechais (University of Oxford)
Tech Pains: Characterizations of Lived Cybersecurity Experiences
Huixin Tian (Indiana University Bloomington), Chris Kanich (University of Illinois, Chicago), Jason Polakis (University of Illinois, Chicago), Sameer Patil (Indiana University Bloomington)
Measuring the Impact of the GDPR on Data Sharing in Ad Networks
Tobias Urban (Insitute for Internet Security; Westphalian University of Applied Sciences); Dennis Tatang, Martin Degeling, and Thorsten Holz (Ruhr University Bochum; Horst Görtz Institute for IT Security); Norbert Pohlmann (Insitute for Internet Security; Westphalian University of Applied Sciences)
"Scam Augmentation and Customization: Identifying Vulnerable Users and Arming Defenders "
"Shahryar Baki, Rakesh Verma, and Omprakash Gnawali (University of Houston "
What risk? I don't understand. An Empirical Study on Users' Understanding of the Terms Used in Security Texts
Tingmin Wu and Rongjunchen Zhang (Swinburne University of Technology; CSIRO's Data61); Wanlun Ma (University of Electronic Science and Technology of China); Sheng Wen (Swinburne University of Technology); Xin Xia (Monash University); Cecile Paris and Surya Nepal (CSIRO's Data61); Yang Xiang (Digital Research & Innovation Capability Platform, Swinburne University of Technology)
Be the Phisher - Understanding Users' Perception of Malicious Domains
Florian Quinkert (Ruhr University Bochum); Martin Degeling (Ruhr University Bochum; Horst Görtz Institute for IT Security); Jim Blythe (ISI, University of Southern California); Thorsten Holz (Ruhr-University Bochum)
運営について
お問い合わせ先
uspread 【アットマーク】klab.is.sci.toho-u.ac.jp
開催担当
金岡 晃(東邦大学)
USP論文読破会3
ユーザブルセキュリティ・プライバシー(USP)論文読破会3
更新日:2019年11月28日
ユーザブルセキュリティ・プライバシーの分野は世界的な発展を見せ、当該分野を専門的に扱う国際会議Symposium on Usable Privacy and Security (SOUPS)への投稿数と採録数も上昇が続いています。 加えて、セキュリティの難関国際会議でもこれらの分野の論文が多く発表されるようになり、裾野は確実に広がっています。 本分野の最先端を幅広く把握するために、SOUPS以外の国際会議も広く対象会議とし、SOUPS論文読破会を発展させたイベントとしてユーザブルセキュリティ・プライバシー論文読破会が開始されました。 本読破会では、参加者同士で協力して発表論文を読破し、内容を紹介することで参加者が本分野の最先端論文を網羅的に把握することを目指します。 また最先端研究を知ることを通してSPT研究会が対象とする分野の国内研究の底上げを図ります。
第3回目となる今回は、2018年11月に開催されたUSP読破会、2019年5月に開催されたUSP読破会2に続く開催です。
開催要項
日時:2019年11月29日(金)10:00~17:30(予定)
会場:化学会館 6F 大会議室601
〒101-8305 東京都千代田区神田駿河台1-5
交通アクセス
参加費
発表者
無料
研究会登録会員
2,000円
情報処理学会学生会員
1,000円
一般(非会員)
3,000円
懇親会
読破会終了後に懇親会を行います。
場所
時間
18:00-20:00
会費
4,500円
発表者募集(締め切りました)
本読破会で論文を報告していただける方を募集します。 1論文につき15分程度(質疑込み)でご紹介ください。 紹介のスライドを事前にお送りいただいて、当日の参加者に配布いたします。
発表申し込みは、定員に達し次第締め切ります。
論文はこの1年(2018年11月~2019年11月)に発表されたユーザブルセキュリティやユーザブルプライバシーに関わると考えられる論文からお好きにお選びください。
参考までに、この1年で発表された論文の中で関わると考えられる論文をページ下部に「参考:代表的な国際会議で発表されたUSP論文3」としてリストアップいたしました。ご参考ください。
発表ご希望の方は、次のアドレスに電子メールをお送りください。 uspread 【アットマーク】klab.is.sci.toho-u.ac.jp (【アットマーク】は@に置換えてください。 )
申込の電子メールについて
メール件名:USP論文読破会3:発表申込
記載いただきたい内容:
氏名
所属(会社名等。学生の場合は学校名)
メールアドレス
希望する論文
担当論文の決定方法について
メール受付後、順次担当する論文を決定させていただきます。 担当が決まった論文は、担当者より発表者にご連絡し本ページ上でアナウンスいたします。
論文担当情報
Hana Habib, Carnegie Mellon University; Yixin Zou, University of Michigan; Aditi Jannu, Neha Sridhar, Chelse Swoopes, Alessandro Acquisti, Lorrie Faith Cranor, and Norman Sadeh, Carnegie Mellon University; Florian Schaub, University of Michigan : "An Empirical Analysis of Data Deletion and Opt-Out Choices on 150 Websites" , SOUPS2019
担当:金森祥子(NICT)
Cori Faklaris, Laura Dabbish, and Jason I. Hong, Carnegie Mellon University : A Self-Report Measure of End-User Security Attitudes (SA-6) , SOUPS2019
担当:畑島隆(NTTセキュアプラットフォーム研究所)
Noura Abdi, King's College London; Kopo M. Ramokapane, University of Bristol; Jose M. Such, King's College London : More than Smart Speakers: Security and Privacy Perceptions of Smart Home Personal Assistants , SOUPS2019
担当:谷口太郎(長崎県立大学)
Karoline Busse and Julia Schäfer, University of Bonn; Matthew Smith, University of Bonn/Fraunhofer FKIE : Replication: No One Can Hack My Mind Revisiting a Study on Expert and Non-Expert Security Practices and Advice , SOUPS2019
担当:村木暢哉(TIS株式会社)
Christopher Thompson, Martin Shelton, Emily Stark, Maximilian Walker, Emily Schechter, and Adrienne Porter Felt, Google : The Web's Identity Crisis: Understanding the Effectiveness of Website Identity Indicators , USENIX Security 2019
担当:奥田 哲矢(NTTセキュアプラットフォーム研究所)
Mariano Di Martino and Pieter Robyns, Hasselt University/tUL, Expertise Centre For Digital Media; Winnie Weyts, Hasselt University - Law Faculty; Peter Quax, Hasselt University/tUL, Expertise Centre For Digital Media, Flanders Make; Wim Lamotte, Hasselt University/tUL, Expertise Centre For Digital Media; Ken Andries, Hasselt University - Law Faculty, Attorney at the Brussels Bar : Personal Information Leakage by Abusing the GDPR 'Right of Access' , SOUPS2019
担当:森啓華(早稲田大学)
Constanze Dietrich (Berliner Hochschule für Technik), Katharina Krombholz (CISPA Helmholtz Center (i.G.)), Kevin Borgolte (Princeton University), Tobias Fiebig (TU Delft) : Investigating System Operators’ Perspective on Security Misconfigurations , ACM CCS 2018
担当:尾崎敏司(筑波大学/トレンドマイクロ)
Artem Voronkov, Leonardo A. Martucci, and Stefan Lindskog, Karlstad University : System Administrators Prefer Command Line Interfaces, Don't They? An Exploratory Study of Firewall Interfaces , SOUPS2019
担当:山岸伶(日立製作所)
Vincent Drury and Ulrike Meyer, Department of Computer Science, RWTH Aachen University : Certified Phishing: Taking a Look at Public Key Certificates of Phishing Websites , SOUPS2019
担当:藤田真浩(三菱電機)
Ana Caraban, Evangelos Karapanos, Daniel Gonçalves, and Pedro Campos : 23 Ways to Nudge: A Review of Technology-Mediated Nudging in Human-Computer Interaction , ACM CHI 2019
担当:篠田詩織(NTTセキュアプラットフォーム研究所)
Il-Youp Kwak, Jun Ho Huh, Seung Taek Han, Iljoo Kim, and Jiwon Yoon : Voice Presentation Attack Detection through Text-Converted Voice Command Analysis , ACM CHI 2019
担当:大木哲史(静岡大学)
Frank Li, University of California, Berkeley; Lisa Rogers, University of Maryland; Arunesh Mathur, Princeton University; Nathan Malkin, University of California, Berkeley; Marshini Chetty, Princeton University : Keepers of the Machines: Examining How System Administrators Manage Software Updates For Multiple Machines , SOUPS2019
担当:田中啓介(トレンドマイクロ)
Hala Assal and Sonia Chiasson : Think secure from the beginning': A Survey with Software Developers , ACM CHI 2019
担当:ももいやすなり(株式会社インターネットイニシアティブ)
Amber van der Heijden and Luca Allodi, Eindhoven University of Technology : Cognitive Triaging of Phishing Attacks , USENIX Security 201
担当:秋山満昭(NTTセキュアプラットフォーム研究所)
Alena Naiakshina, Anastasia Danilova, Eva Gerlitz, Emanuel von Zezschwitz, and Matthew Smith : "If you want, I can store the encrypted password": A Password-Storage Field Study with Freelance Developers , ACM CHI 2019
担当:須賀祐治(株式会社インターネットイニシアティブ)
参加申込
件名を「参加申込」として,次のアドレスに電子メールをお送りください.
(メールは自動返信ではないので,すぐにはお手元に届きません.) uspread 【アットマーク】klab.is.sci.toho-u.ac.jp
申込の電子メールについて
メール件名:USP論文読破会3:参加申込
記載いただきたい内容:
氏名
所属(会社名等。学生の場合は学校名)
メールアドレス
参加者区別(研究会登録会員、情報処理学会学生会員、一般(非会員))
懇親会の出欠
お知らせ
目玉企画!
2019年6月に開催されたEuroUSECで、早稲田大 森啓華さん主著の論文が採録されました。
Comparative Analysis of Three Language Spheres: Are Linguistic and Cultural Differences Reflected in Password Selection Habits?
Keika Mori (Waseda University); Takuya Watanabe (NTT Secure Platform Laboratories); Yunao Zhou (Waseda University); Ayako Akiyama Hasegawa (NTT Secure Platform Laboratories); Mitsuaki Akiyama (NTT Secure Platform Laboratories); Tatsuya Mori (Waseda University / RIKEN AIP / NICT)
USP論文読破会3では、森さんにお越しいただき、その発表内容に加え、採録までの道のりをお話いただく予定です。
その他
当日は論文は配布しませんので、各自でご準備ください。
研究会非会員の方は、この機会にSPT研究会会員登録をお薦めします。 学会員の方の登録費は3,600円(税抜)です!
情報処理学会に入会するためには、別途入会金と年会費が必要になります。 なお非会員の方でも研究会登録することができます。 その場合の研究会登録費は4,600円です。
研究会の登録の詳細については「研究会に登録する(情報処理学会)」をご参照ください。
参考:代表的な国際会議で発表されたUSP論文3
※USP論文読破会、USP読破会2で紹介された論文は除いています
Asking for a Friend: Evaluating Response Biases in Security User Studies
Elissa M. Redmiles (University of Maryland), Ziyun Zhu (University of Maryland), Sean Kross (University of California San Diego), Dhruv Kuchhal (Maharaja Agrasen Institute of Technology), Tudor Dumitras (University of Maryland), Michelle L. Mazurek (University of Maryland)
Towards Usable Checksums: Automating the Integrity Verification of Web Downloads for the Masses
Mauro Cherubini (UNIL – HEC Lausanne), Alexandre Meylan (UNIL – HEC Lausanne), Bertil Chapuis (UNIL – HEC Lausanne), Mathias Humbert (Swiss Data Science Center, ETH Zurich and EPFL), Igor Bilogrevic (Google Inc.), Kévin Huguenin (UNIL – HEC Lausanne)
Investigating System Operators’ Perspective on Security Misconfigurations
Constanze Dietrich (Berliner Hochschule für Technik), Katharina Krombholz (CISPA Helmholtz Center (i.G.)), Kevin Borgolte (Princeton University), Tobias Fiebig (TU Delft)
Detecting User Experience Issues of the Tor Browser In The Wild
Kevin Gallagher (New York University), Sameer Patil (Indiana University Bloomington), Brendan Dolan-Gavitt (New York University), Damon McCoy (New York University), Nasir Memon (New York University)
Predicting Impending Exposure to Malicious Content from User Behavior
Mahmood Sharif (Carnegie Mellon University), Jumpei Urakawa (KDDI Research), Nicolas Christin (Carnegie Mellon University), Ayumu Kubota (KDDI Research), Akira Yamada (KDDI Research)
Reinforcing System-Assigned Passphrases Through Implicit Learning
Zeinab Joudaki (University of Ontario Institute of Technology), Julie Thorpe (University of Ontario Institute of Technology), Miguel Vargas Martin (University of Ontario Institute of Technology)
“What was that site doing with my Facebook password?”, Designing Password-Reuse Notifications
Maximilian Golla (Ruhr-University Bochum), Miranda Wei (University of Chicago), Juliette Hainline (University of Chicago), Lydia Filipe (University of Chicago), Markus Dürmuth (Ruhr-University Bochum), Elissa M. Redmiles (University of Maryland), Blase Ur (University of Chicago)
On the Accuracy of Password Strength Meters
Maximilian Golla (Ruhr-University Bochum), Markus Dürmuth (Ruhr-University Bochum)
TextBugger: Generating Adversarial Text Against Real-world Applications
Jinfeng Li (Zhejiang University), Shouling Ji (Zhejiang University), Tianyu Du (Zhejiang University), Bo Li (University of California, Berkeley), Ting Wang (Lehigh University)
Quantity vs. Quality: Evaluating User Interest Profiles Using Ad Preference Managers
Muhammad Ahmad Bashir (Northeastern University), Umar Farooq (LUMS Pakistan), Maryam Shahid (LUMS Pakistan), Muhammad Fareed Zaffar (LUMS Pakistan), Christo Wilson (Northeastern University)
Total Recall: Persistence of Passwords in Android
Jaeho Lee (Rice University), Ang Chen (Rice University), Dan S. Wallach (Rice University)
How to End Password Reuse on the Web
Ke Coby Wang (UNC Chapel Hill), Michael K. Reiter (UNC Chapel Hill)
Balancing Image Privacy and Usability with Thumbnail-Preserving Encryption
Kimia Tajik (Oregon State University), Akshith Gunasekaran (Oregon State University), Rhea Dutta (Cornell University), Brandon Ellis (Oregon State University), Rakesh B. Bobba (Oregon State University), Mike Rosulek (Oregon State University), Charles V. Wright (Portland State University), Wu-Chi Feng (Portland State University)
Security When it is Welcome: Exploring Device Purchase as an Opportune Moment for Security Behavior Change
Simon Parkin (University College London); Elissa M. Redmiles (University of Maryland); Lynne Coventry (Northumbria University); M. Angela Sasse (Ruhr University Bochum and University College London)
Cybercrime Investigators are Users Too! Understanding the Socio-Technical Challenges Faced by Law Enforcement
Mariam Nouh (University of Oxford); Jason R. C. Nurse (University of Kent); Helena Webb, Michael Goldsmith (University of Oxford)
A Phish Scale: Rating Human Phishing Message Detection Difficulty
Michelle P. Steves, Kristen K. Greene, Mary F. Theofanos (National Institute of Standards and Technology)
In Control with no Control: Perceptions and Reality of Windows 10 Home Edition Update Features
Jason Morris, Ingolf Becker, Simon Parkin (University College London)
Will They Share? Predicting Location Sharing Behaviors of Smartphone Users through Self-Reflection on Past Privacy Behaviors
Muhammad Irtaza Safi, Abhiditya Jha (University of Central Florida); Malak Eihab Aly (New York University); Xinru Page (Bentley University); Sameer Patil (Indiana University); Pamela Wisniewski (University of Central Florida)
Designing a Mobile App to Support Social Processes for Privacy and Security Decisions
Zaina Aljallad (University of Central Florida); Wentao Guo (Pomona College); Chhaya Chouhan, Christy Laperriere (University of Central Florida); Jess Kropczynski (University of Cincinnati); Pamela Wisnewski (University of Central Florida); Heather Lipford (University of North Carolina at Charlotte)
A First Look at the Usability of OpenVAS Vulnerability Scanner
M. Uğur Aksu, Enes Altuncu, Kemal Bicakci (TOBB University of Economics and Technology)
Work in Progress: On the In-Accuracy and Influence of Android Pattern Strength Meters
Maximilian Golla, Jan Rimkus (Ruhr University Bochum); Adam J. Aviv (United States Naval Academy); Markus Dürmuth (Ruhr University Bochum)
Stop to Unlock - Improving the Security of Android Unlock Patterns
Alexander Suchan (SBA Research); Emanuel von Zezschwitz (Usable Security Methods Group, University of Bonn, Bonn, Germany); Katharina Krombholz (CISPA Helmholtz Center for Information Security)
Continuous Smartphone Authentication using Wristbands
Shrirang Mare (University of Washington); Reza Rawassizadeh (University of Rochester); Ronald Peterson, David Kotz (Dartmouth College)
Work in Progress: A Comparative Long-Term Study of Fallback Authentication
Philipp Markert, Maximilian Golla (Ruhr University Bochum); Elizabeth Stobert (National Research Council of Canada); Markus Dürmuth (Ruhr University Bochum)
Case Study – Exploring Children’s Password Knowledge and Practices
Yee-Yin Choong, Mary Theofanos (NIST); Karen Renaud, Suzanne Prior (Abertay University)
What Happens After Disclosing Stigmatized Experiences on Identified Social Media: Individual, Dyadic, and Social/Network Outcomes
Nazanin Andalibi
Exploring How Privacy and Security Factor into IoT Device Purchase Behavior
Pardis Emami-Naeini, Henry Dixon, Yuvraj Agarwal, and Lorrie Faith Cranor
Defending My Castle: A Co-Design Study of Privacy Mechanisms for Smart Homes
Yaxing Yao, Justin Reed Basdeo, Smirity Kaushik, and Yang Wang
I (Don't) See What You Typed There! Shoulder-surfing Resistant Password Entry on Gamepads
Peter Mayer, Nina Gerber, Benjamin Reinheimer, Philipp Rack, Kristoffer Braun, and Melanie Volkamer
Voice Presentation Attack Detection through Text-Converted Voice Command Analysis
Il-Youp Kwak, Jun Ho Huh, Seung Taek Han, Iljoo Kim, and Jiwon Yoon
An Exploration of Bitcoin Mining Practices: Miners' Trust Challenges and Motivations
Irni Eliana Khairuddin and Corina Sas
Signal Appropriation of Explicit HIV Status Disclosure Fields in Sex-Social Apps used by Gay and Bisexual Men
Mark Warner, Juan F. Maestre, Jo Gibbs, Chia-Fang Chung, and Ann Blandford
Local Standards for Anonymization Practices in Health, Wellness, Accessibility, and Aging Research at CHI
Jacob Abbott, Haley MacLeod, Novia Nurain, Gustave Ekobe, and Sameer Patil
Emotion and Experience in Negotiating HIV-Related Digital Resources: "It's not just a runny nose!"
Aneesha Singh, Jo Gibbs, and Ann Blandford
"This Girl is on Fire": Sensemaking in an Online Health Community for Vulvodynia
Alyson L. Young and Andrew D. Miller
Upside and Downside Risk in Online Security for Older Adults with Mild Cognitive Impairment
Helena M. Mentis, Galina Madjaroff, and Aaron K. Massey
Automation Accuracy Is Good, but High Controllability May Be Better
Quentin Roy, Futian Zhang, and Daniel Vogel
AI-Mediated Communication: How the Perception that Profile Text was Written by AI Affects Trustworthiness
Maurice Jakesch, Megan French, Xiao Ma, Jeffrey T. Hancock, and Mor Naaman
Machine Heuristic: When We Trust Computers More than Humans with Our Personal Information
S. Shyam Sundar and Jinyoung Kim
Understanding Trust, Transportation, and Accessibility through Ridesharing
Robin N. Brewer and Vaishnav Kameswaran
23 Ways to Nudge: A Review of Technology-Mediated Nudging in Human-Computer Interaction
Ana Caraban, Evangelos Karapanos, Daniel Gonçalves, and Pedro Campos
REsCUE: A framework for REal-time feedback on behavioral CUEs using multimodal anomaly detection
Riku Arakawa and Hiromu Yakura
Towards an Effective Digital Literacy Intervention to Assist Returning Citizens with Job Search
Ihudiya Finda Ogbonnaya-Ogburu, Kentaro Toyama, and Tawanna R. Dillahunt
Tough Times at Transitional Homeless Shelters: Considering the Impact of Financial Insecurity on Digital Security and Privacy
Manya Sleeper, Tara Matthews, Kathleen O'Leary, Anna Turner, Jill Palzkill Woelfer, Martin Shelton, Andrew Oplinger, Andreas Schou, and Sunny Consolvo
What.Hack: Engaging Anti-Phishing Training Through a Role-playing Phishing Simulation Game
Zikai Alex Wen, Zhiqiu Lin, Rowena Chen, and Erik Andersen
How Do Humans Assess the Credibility on Web Blogs: Qualifying and Verifying Human Factors with Machine Learning
Yonggeol Jo, Minwoo Kim, and Kyungsik Han
"Everyone Has Some Personal Stuff": Designing to Support Digital Privacy with Shared Mobile Phone Use in Bangladesh
Syed Ishtiaque Ahmed, Md. Romael Haque, Irtaza Haider, Jay Chen, and Nicola Dell
A Field Study of Computer-Security Perceptions Using Anti-Virus Customer-Support Chats
Mahmood Sharif, Kevin A. Roundy, Matteo Dell'Amico, Christopher Gates, Daniel Kats, Lujo Bauer, and Nicolas Christin
"If It's Important It Will Be A Headline": Cybersecurity Information Seeking in Older Adults
James Nicholson, Lynne Coventry, and Pamela Briggs
Security - Visible, Yet Unseen?
Verena Distler, Marie-Laure Zollinger, Carine Lallemand, Peter B. Roenne, Peter Y. A. Ryan, and Vincent Koenig
You `Might' Be Affected: An Empirical Analysis of Readability and Usability Issues in Data Breach Notifications
Yixin Zou, Shawn Danino, Kaiwen Sun, and Florian Schaub
`I make up a silly name': Understanding Children's Perception of Privacy Risks Online
Jun Zhao, Ge Wang, Carys Dally, Petr Slovak, Julian Edbrooke-Childs, Max Van Kleek, and Nigel Shadbolt
Risk vs. Restriction: The Tension between Providing a Sense of Normalcy and Keeping Foster Teens Safe Online
Karla Badillo-Urquiola, Xinru Page, and Pamela J. Wisniewski
Laughing is Scary, but Farting is Cute: A Conceptual Model of Children's Perspectives of Creepy Technologies
Jason C. Yip, Kiley Sobel, Xin Gao, Allison Marie Hishikawa, Alexis Lim, Laura Meng, Romaine Flor Ofiana, Justin Park, and Alexis Hiniker
Think secure from the beginning': A Survey with Software Developers
Hala Assal and Sonia Chiasson
"If you want, I can store the encrypted password": A Password-Storage Field Study with Freelance Developers
Alena Naiakshina, Anastasia Danilova, Eva Gerlitz, Emanuel von Zezschwitz, and Matthew Smith
Security Managers Are Not The Enemy Either
Lena Reinfelder, Robert Landwirth, and Zinaida Benenson
Privacy, Anonymity, and Perceived Risk in Open Collaboration: A Study of Service Providers
Nora McDonald, Benjamin Mako Hill, Rachel Greenstadt, and Andrea Forte
Put Your Warning Where Your Link Is: Improving and Evaluating Email Phishing Warnings
Justin Petelka, Yixin Zou, and Florian Schaub
Let Me Explain: Impact of Personal and Impersonal Explanations on Trust in Recommender Systems
Johannes Kunkel, Tim Donkers, Lisa Michael, Catalin-Mihai Barbu, and Jürgen Ziegler
Towards Understanding the Link Between Age and Smartphone Authentication
Lina Qiu, Alexander De Luca, Ildar Muslukhov, and Konstantin Beznosov
Vulnerability & Blame: Making Sense of Unauthorized Access to Smartphones
Diogo Marques, Tiago Guerreiro, Luis Carriço, Ivan Beschastnikh, and Konstantin Beznosov
Passquerade: Improving Error Correction of Text Passwords on Mobile Devices by using Graphic Filters for Password Masking
Mohamed Khamis, Tobias Seitz, Leonhard Mertl, Alice Nguyen, Mario Schneller, and Zhe Li
"Pretty Close to a Must-Have": Balancing Usability Desire and Security Concern in Biometric Adoption
Flynn Wolf, Ravi Kuber, and Adam J. Aviv
Does Being Verified Make You More Credible?: Account Verification's Effect on Tweet Credibility
Tavish Vaidya, Daniel Votipka, Michelle L. Mazurek, and Micah Sherr
Can Privacy Be Satisfying?: On Improving Viewer Satisfaction for Privacy-Enhanced Photos Using Aesthetic Transforms
Rakibul Hasan, Yifang Li, Eman Hassan, Kelly Caine, David J. Crandall, Roberto Hoyle, and Apu Kapadia
I Don't Even Have to Bother Them!: Using Social Media to Automate the Authentication Ceremony in Secure Messaging
Elham Vaziripour, Devon Howard, Jake Tyler, Mark O'Neill, Justin Wu, Kent Seamons, and Daniel Zappala
Techies Against Facebook: Understanding Negative Sentiment Toward Facebook via User Generated Content
Abu Saleh Md Noman, Sanchari Das, and Sameer Patil
A Promise Is A Promise: The Effect of Commitment Devices on Computer Security Intentions
Alisa Frik, Nathan Malkin, Marian Harbach, Eyal Peer, and Serge Egelman
Bringing Design to the Privacy Table: Broadening “Design” in “Privacy by Design” Through the Lens of HCI
Richmond Y. Wong and Deirdre K. Mulligan
Privacy, Power, and Invisible Labor on Amazon Mechanical Turk
Shruti Sannon and Dan Cosley
On the Usability of HTTPS Deployment
Matthew Bernhard, Jonathan Sharman, Claudia Ziegler Acemyan, Philip Kortum, Dan S. Wallach, and J. Alex Halderman
Hey Google, Can I Ask You Something in Private?
Eugene Cho
Privacy and Security Considerations For Digital Technology Use in Elementary Schools
Priya C. Kumar, Marshini Chetty, Tamara L. Clegg, and Jessica Vitak
Why Johnny Fails to Protect his Privacy
Nina Gerber (Karlsruhe Institute of Technology); Verena Zimmermann (Technische Universität Darmstadt); Melanie Volkamer (Karlsruhe Institute of Technology)
"Don't punish all of us": Measuring User Attitudes about Two-Factor Authentication
Jonathan Dutson, Danny Allen, Dennis Eggett, and Kent Seamons (Brigham Young University)
A Survey on Developer-Centred Security
Mohammad Tahaei and Kami Vaniea (University of Edinburgh)
How Could Serious Games Support Secure Programming? Designing a Study Replication and Intervention
Manuel Maarek and Léon McGregor (Heriot-Watt University); Sandy Louchart and Ross McMenemy (Glasgow School of Art)
Vision: Shining Light on Smart Homes – Supporting Informed Decision-Making of End Users
Verena Zimmermann, Ernestine Dickhaut, Paul Gerber, and Joachim Vogt (Technische Universität Darmstadt)
Vision: Exploring Challenges and Opportunities for Usable Authentication in the Smart Home
Sarah Prange (Bundeswehr University); Emanuel von Zezschwitz (University of Bonn); Florian Alt (Bundeswehr University)
Comparative Analysis of Three Language Spheres: Are Linguistic and Cultural Differences Reflected in Password Selection Habits?
Keika Mori (Waseda University); Takuya Watanabe (NTT Secure Platform Laboratories); Yunao Zhou (Waseda University); Ayako Akiyama Hasegawa (NTT Secure Platform Laboratories); Mitsuaki Akiyama (NTT Secure Platform Laboratories); Tatsuya Mori (Waseda University / RIKEN AIP / NICT)
Detecting Misalignments Between System Security and User Perceptions: A Preliminary Socio-Technical Analysis of an E2E Email Encryption System
Borce Stojkovski, Itzel Vazquez Sandoval, and Gabriele Lenzini (University of Luxembourg)
A Review of Human- and Computer-Facing URL Phishing Features
Kholoud Althobaiti (University of Edinburgh / Taif University); Ghaidaa Rummani (Hood College); Kami Vaniea (University of Edinburgh)
2 Fast 2 Secure: A Case Study of Post-Breach Security Changes
Albesë Demjaha, Tristan Caulfield, M. Angela Sasse, and David Pym (University College London)
Reasoning Analytically About Password-Cracking Software
Alex Liu (University of Chicago), Amanda Nakanishi (University of Chicago), Maximilian Golla (Ruhr-University Bochum), David Cash (University of Chicago), Blase Ur (University of Chicago)
Beyond Credential Stuffing: Password Similarity Models using Neural Networks
Bijeeta Pal (Cornell University), Tal Daniel (Technion), Rahul Chatterjee (Cornell University), Thomas Ristenpart (Cornell Tech)
"Should I Worry?" A Cross-Cultural Examination of Account Security Incident Response
Elissa M. Redmiles (University of Maryland)
How Well Do My Results Generalize? Comparing Security and Privacy Survey Results from MTurk, Web, and Telephone Samples
Elissa M. Redmiles (University of Maryland), Sean Kross (University of California San Diego), Michelle L. Mazurek (University of Maryland)
Dangerous Skills: Understanding and Mitigating Security Risks of Voice-Controlled Third-Party Functions on Virtual Personal Assistant Systems
Nan Zhang (Indiana University, Bloomington), Xianghang Mi (Indiana University, Bloomington), Xuan Feng (Indiana University, Bloomington; Beijing Key Laboratory of IOT Information Security Technology, Institute of Information Engineering, CAS, China), XiaoFeng Wang (Indiana University, Bloomington), Yuan Tian (University of Virginia), Feng Qian (Indiana University, Bloomington)
Cooperative Privacy and Security: Learning from People with Visual Impairments and Their Allies
Jordan Hayes, Smirity Kaushik, Charlotte Emily Price, and Yang Wang, Syracuse University
Privacy and Security Threat Models and Mitigation Strategies of Older Adults
Alisa Frik, International Computer Science Institute (ICSI) and University of California, Berkeley; Leysan Nurgalieva, University of Trento; Julia Bernd, International Computer Science Institute (ICSI); Joyce Lee, University of California, Berkeley; Florian Schaub, University of Michigan; Serge Egelman, International Computer Science Institute (ICSI) and University of California, Berkeley
Evaluating Users’ Perceptions about a System’s Privacy: Differentiating Social and Institutional Aspects
Oshrat Ayalon and Eran Toch, Tel Aviv University
A Self-Report Measure of End-User Security Attitudes (SA-6)
Cori Faklaris, Laura Dabbish, and Jason I. Hong, Carnegie Mellon University
The Effect of Entertainment Media on Mental Models of Computer Security
Kelsey R. Fulton, Rebecca Gelles, Alexandra McKay, Richard Roberts, Yasmin Abdi, and Michelle L. Mazurek, University of Maryland
A Typology of Perceived Triggers for End-User Security and Privacy Behaviors
Sauvik Das, Georgia Institute of Technology; Laura A. Dabbish and Jason I. Hong, Carnegie Mellon University
Replication: No One Can Hack My Mind Revisiting a Study on Expert and Non-Expert Security Practices and Advice
Karoline Busse and Julia Schäfer, University of Bonn; Matthew Smith, University of Bonn/Fraunhofer FKIE
"Something isn't secure, but I'm not sure how that translates into a problem": Promoting autonomy by designing for understanding in Signal
Justin Wu, Cyrus Gattrell, Devon Howard, and Jake Tyler, Brigham Young University; Elham Vaziripour, Utah Valley University; Kent Seamons and Daniel Zappala, Brigham Young University
"I was told to buy a software or lose my computer. I ignored it": A study of ransomware
Camelia Simoiu, Stanford University; Christopher Gates, Symantec; Joseph Bonneau, New York University; Sharad Goel, Stanford University
Enhancing Privacy through an Interactive On-demand Incremental Information Disclosure Interface: Applying Privacy-by-Design to Record Linkage
Hye-Chung Kum, Population Informatics Lab, Texas A&M University; Eric D. Ragan, INDIE Lab, University of Florida; Gurudev Ilangovan, Mahin Ramezani, Qinbo Li, and Cason Schmit, Population Informatics Lab, Texas A&M University
From Usability to Secure Computing and Back Again
Lucy Qin, Andrei Lapets, Frederick Jansen, Peter Flockhart, Kinan Dak Albab, and Ira Globus-Harris, Boston University; Shannon Roberts, University of Massachusetts Amherst; Mayank Varia, Boston University
Certified Phishing: Taking a Look at Public Key Certificates of Phishing Websites
Vincent Drury and Ulrike Meyer, Department of Computer Science, RWTH Aachen University
"We Can't Live Without Them!" App Developers' Adoption of Ad Networks and Their Considerations of Consumer Risks
Abraham H. Mhaidli, Yixin Zou, and Florian Schaub, University of Michigan School of Information
Usability Smells: An Analysis of Developers’ Struggle With Crypto Libraries
Nikhil Patnaik, Joseph Hallett, and Awais Rashid, University of Bristol
System Administrators Prefer Command Line Interfaces, Don't They? An Exploratory Study of Firewall Interfaces
Artem Voronkov, Leonardo A. Martucci, and Stefan Lindskog, Karlstad University
Keepers of the Machines: Examining How System Administrators Manage Software Updates For Multiple Machines
Frank Li, University of California, Berkeley; Lisa Rogers, University of Maryland; Arunesh Mathur, Princeton University; Nathan Malkin, University of California, Berkeley; Marshini Chetty, Princeton University
Communicating Device Confidence Level and Upcoming Re-Authentications in Continuous Authentication Systems on Mobile Devices
Lukas Mecke, University of Applied Sciences Munich, Munich, Germany and LMU Munich, Munich, Germany; Sarah Delgado Rodriguez and Daniel Buschek, LMU Munich, Munich, Germany; Sarah Prange, University of Applied Sciences Munich, Munich, Germany and Bundeswehr University Munich, Munich, Germany and LMU Munich, Munich, Germany; Florian Alt, Bundeswehr University Munich, Munich, Germany
Exploring Intentional Behaviour Modifications for Password Typing on Mobile Touchscreen Devices
Lukas Mecke, University of Applied Sciences Munich, Munich, Germany and LMU Munich, Munich, Germany; Daniel Buschek and Mathias Kiermeier, LMU Munich, Munich, Germany; Sarah Prange, University of Applied Sciences Munich, Munich, Germany and Bundeswehr University Munich, Munich, Germany and LMU Munich, Munich, Germany; Florian Alt, Bundeswehr University Munich, Munich, Germany
Why people (don’t) use password managers effectively
Sarah Pearman, Shikun Aerin Zhang, Lujo Bauer, Nicolas Christin, and Lorrie Faith Cranor, Carnegie Mellon University
Of Two Minds about Two-Factor: Understanding Everyday FIDO U2F Usability through Device Comparison and Experience Sampling
Stéphane Ciolino, OneSpan Innovation Centre & University College London; Simon Parkin, University College London; Paul Dunphy, OneSpan Innovation Centre
A Usability Study of Five Two-Factor Authentication Methods
Ken Reese, Trevor Smith, Jonathan Dutson, Jonathan Armknecht, Jacob Cameron, and Kent Seamons, Brigham Young University
Personal Information Leakage by Abusing the GDPR 'Right of Access'
Mariano Di Martino and Pieter Robyns, Hasselt University/tUL, Expertise Centre For Digital Media; Winnie Weyts, Hasselt University - Law Faculty; Peter Quax, Hasselt University/tUL, Expertise Centre For Digital Media, Flanders Make; Wim Lamotte, Hasselt University/tUL, Expertise Centre For Digital Media; Ken Andries, Hasselt University - Law Faculty, Attorney at the Brussels Bar
An Empirical Analysis of Data Deletion and Opt-Out Choices on 150 Websites
Hana Habib, Carnegie Mellon University; Yixin Zou, University of Michigan; Aditi Jannu, Neha Sridhar, Chelse Swoopes, Alessandro Acquisti, Lorrie Faith Cranor, and Norman Sadeh, Carnegie Mellon University; Florian Schaub, University of Michigan
The Fog of Warnings: How Non-essential Notifications Blur with Security Warnings
Anthony Vance, Temple University; David Eargle, University of Colorado Boulder; Jeffrey L. Jenkins, C. Brock Kirwan, and Bonnie Brinton Anderson, Brigham Young University
“There is nothing that I need to keep secret”: Sharing Practices and Concerns of Wearable Fitness Data
Abdulmajeed Alqhatani and Heather Richter Lipford, University of North Carolina at Charlotte
"I don't own the data": End User Perceptions of Smart Home Device Data Practices and Risks
Madiha Tabassum, University of North Carolina at Charlotte; Tomasz Kosinski, Chalmers University of Technology; Heather Lipford, University of North Carolina at Charlotte
More than Smart Speakers: Security and Privacy Perceptions of Smart Home Personal Assistants
Noura Abdi, King's College London; Kopo M. Ramokapane, University of Bristol; Jose M. Such, King's College London
Computer Security and Privacy in the Interactions Between Victim Service Providers and Human Trafficking Survivors
Christine Chen, University of Washington; Nicola Dell, Cornell Tech; Franziska Roesner, University of Washington
Clinical Computer Security for Victims of Intimate Partner Violence
Sam Havron, Diana Freed, and Rahul Chatterjee, Cornell Tech; Damon McCoy, New York University; Nicola Dell and Thomas Ristenpart, Cornell Tech
Evaluating the Contextual Integrity of Privacy Regulation: Parents' IoT Toy Privacy Norms Versus COPPA
Noah Apthorpe, Sarah Varghese, and Nick Feamster, Princeton University
Understanding and Improving Security and Privacy in Multi-User Smart Homes: A Design Exploration and In-Home User Study