Perception of risky security behaviour by users: survey of current approaches

Lynsay A. Shepherd; Jacqueline Archibald; R. I. Ferguson

doi:10.1007/978-3-642-39345-7_19

Perception of risky security behaviour by users: survey of current approaches

Lynsay A. Shepherd, Jacqueline Archibald, R. I. Ferguson

Division of Games and Arts

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

4 Citations (Scopus)

Abstract

What constitutes risky security behaviour is not necessarily obvious to users and as a consequence end-user devices could be vulnerable to compromise. This paper seeks to lay the groundwork for a project to provide instant warning via automatic recognition of risky behaviour. It examines three aspects of the problem, behaviour taxonomy, techniques for its monitoring and recognition and means of giving appropriate feedback. Consideration is given to a way of quantifying the perception of risk a user may have. An ongoing project is described in which the three aspects are being combined in an attempt to better educate users to the risks and consequences of poor security behaviour. The paper concludes that affective feedback may be an appropriate method for interacting with users in a browser-based environment.

Original language	English
Title of host publication	Human aspects of information security, privacy, and trust
Subtitle of host publication	first international conference, HAS 2013 held as part of HCI International 2013 Las Vegas, NV, USA, July 21-26, 2013: proceedings
Editors	Louis Marinos, Ioannis Askoxylakis
Place of Publication	Berlin
Publisher	Springer-Verlag
Pages	176-185
Number of pages	10
ISBN (Electronic)	9783642393457
ISBN (Print)	9783642393440
DOIs	https://doi.org/10.1007/978-3-642-39345-7_19
Publication status	Published - 2013
Event	1st International Conference on Human Aspects of Information Security, Privacy and Trust - Las Vegas, United States Duration: 20 Jul 2013 → 25 Jul 2013 Conference number: 1

Publication series

Name	Lecture Notes in Computer Science
Publisher	Springer-Verlag
Number	8030
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	1st International Conference on Human Aspects of Information Security, Privacy and Trust
Abbreviated title	HAS 2013
Country/Territory	United States
City	Las Vegas
Period	20/07/13 → 25/07/13

Keywords

End-user security behaviours
Usable security
Risk perception
Affective computing
User feedback
Security awareness
User monitoring techniques

UN SDGs

This output contributes to the following UN Sustainable Development Goals (SDGs)

Access to Document

10.1007/978-3-642-39345-7_19

Cite this

Shepherd, L. A., Archibald, J., & Ferguson, R. I. (2013). Perception of risky security behaviour by users: survey of current approaches. In L. Marinos, & I. Askoxylakis (Eds.), Human aspects of information security, privacy, and trust: first international conference, HAS 2013 held as part of HCI International 2013 Las Vegas, NV, USA, July 21-26, 2013: proceedings (pp. 176-185). (Lecture Notes in Computer Science; No. 8030). Springer-Verlag. https://doi.org/10.1007/978-3-642-39345-7_19

Shepherd, Lynsay A. ; Archibald, Jacqueline ; Ferguson, R. I. / Perception of risky security behaviour by users : survey of current approaches. Human aspects of information security, privacy, and trust: first international conference, HAS 2013 held as part of HCI International 2013 Las Vegas, NV, USA, July 21-26, 2013: proceedings. editor / Louis Marinos ; Ioannis Askoxylakis. Berlin : Springer-Verlag, 2013. pp. 176-185 (Lecture Notes in Computer Science; 8030).

@inproceedings{0ac662bf7d88406b8f01bb92436f04d6,

title = "Perception of risky security behaviour by users: survey of current approaches",

abstract = "What constitutes risky security behaviour is not necessarily obvious to users and as a consequence end-user devices could be vulnerable to compromise. This paper seeks to lay the groundwork for a project to provide instant warning via automatic recognition of risky behaviour. It examines three aspects of the problem, behaviour taxonomy, techniques for its monitoring and recognition and means of giving appropriate feedback. Consideration is given to a way of quantifying the perception of risk a user may have. An ongoing project is described in which the three aspects are being combined in an attempt to better educate users to the risks and consequences of poor security behaviour. The paper concludes that affective feedback may be an appropriate method for interacting with users in a browser-based environment.",

author = "Shepherd, {Lynsay A.} and Jacqueline Archibald and Ferguson, {R. I.}",

year = "2013",

doi = "10.1007/978-3-642-39345-7_19",

language = "English",

isbn = "9783642393440",

series = "Lecture Notes in Computer Science",

publisher = "Springer-Verlag",

number = "8030",

pages = "176--185",

editor = "Louis Marinos and Ioannis Askoxylakis",

booktitle = "Human aspects of information security, privacy, and trust",

note = "1st International Conference on Human Aspects of Information Security, Privacy and Trust, HAS 2013 ; Conference date: 20-07-2013 Through 25-07-2013",

}

Shepherd, LA , Archibald, J & Ferguson, RI 2013, Perception of risky security behaviour by users: survey of current approaches. in L Marinos & I Askoxylakis (eds), Human aspects of information security, privacy, and trust: first international conference, HAS 2013 held as part of HCI International 2013 Las Vegas, NV, USA, July 21-26, 2013: proceedings. Lecture Notes in Computer Science, no. 8030, Springer-Verlag, Berlin, pp. 176-185, 1st International Conference on Human Aspects of Information Security, Privacy and Trust, Las Vegas, Nevada, United States, 20/07/13. https://doi.org/10.1007/978-3-642-39345-7_19

Perception of risky security behaviour by users : survey of current approaches. / Shepherd, Lynsay A.; Archibald, Jacqueline ; Ferguson, R. I.

Human aspects of information security, privacy, and trust: first international conference, HAS 2013 held as part of HCI International 2013 Las Vegas, NV, USA, July 21-26, 2013: proceedings. ed. / Louis Marinos; Ioannis Askoxylakis. Berlin : Springer-Verlag, 2013. p. 176-185 (Lecture Notes in Computer Science; No. 8030).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - Perception of risky security behaviour by users

T2 - 1st International Conference on Human Aspects of Information Security, Privacy and Trust

AU - Shepherd, Lynsay A.

AU - Archibald, Jacqueline

AU - Ferguson, R. I.

N1 - Conference code: 1

PY - 2013

Y1 - 2013

N2 - What constitutes risky security behaviour is not necessarily obvious to users and as a consequence end-user devices could be vulnerable to compromise. This paper seeks to lay the groundwork for a project to provide instant warning via automatic recognition of risky behaviour. It examines three aspects of the problem, behaviour taxonomy, techniques for its monitoring and recognition and means of giving appropriate feedback. Consideration is given to a way of quantifying the perception of risk a user may have. An ongoing project is described in which the three aspects are being combined in an attempt to better educate users to the risks and consequences of poor security behaviour. The paper concludes that affective feedback may be an appropriate method for interacting with users in a browser-based environment.

AB - What constitutes risky security behaviour is not necessarily obvious to users and as a consequence end-user devices could be vulnerable to compromise. This paper seeks to lay the groundwork for a project to provide instant warning via automatic recognition of risky behaviour. It examines three aspects of the problem, behaviour taxonomy, techniques for its monitoring and recognition and means of giving appropriate feedback. Consideration is given to a way of quantifying the perception of risk a user may have. An ongoing project is described in which the three aspects are being combined in an attempt to better educate users to the risks and consequences of poor security behaviour. The paper concludes that affective feedback may be an appropriate method for interacting with users in a browser-based environment.

U2 - 10.1007/978-3-642-39345-7_19

DO - 10.1007/978-3-642-39345-7_19

M3 - Conference contribution

SN - 9783642393440

T3 - Lecture Notes in Computer Science

SP - 176

EP - 185

BT - Human aspects of information security, privacy, and trust

A2 - Marinos, Louis

A2 - Askoxylakis, Ioannis

PB - Springer-Verlag

CY - Berlin

Y2 - 20 July 2013 through 25 July 2013

ER -

Shepherd LA , Archibald J , Ferguson RI. Perception of risky security behaviour by users: survey of current approaches. In Marinos L, Askoxylakis I, editors, Human aspects of information security, privacy, and trust: first international conference, HAS 2013 held as part of HCI International 2013 Las Vegas, NV, USA, July 21-26, 2013: proceedings. Berlin: Springer-Verlag. 2013. p. 176-185. (Lecture Notes in Computer Science; 8030). doi: 10.1007/978-3-642-39345-7_19

Perception of risky security behaviour by users: survey of current approaches

Abstract

Publication series

Conference

Keywords

UN SDGs

Access to Document

Fingerprint

Cite this