Perception of risky security behaviour by users

survey of current approaches

Research output: Chapter in Book/Report/Conference proceedingConference contribution

4 Citations (Scopus)

Abstract

What constitutes risky security behaviour is not necessarily obvious to users and as a consequence end-user devices could be vulnerable to compromise. This paper seeks to lay the groundwork for a project to provide instant warning via automatic recognition of risky behaviour. It examines three aspects of the problem, behaviour taxonomy, techniques for its monitoring and recognition and means of giving appropriate feedback. Consideration is given to a way of quantifying the perception of risk a user may have. An ongoing project is described in which the three aspects are being combined in an attempt to better educate users to the risks and consequences of poor security behaviour. The paper concludes that affective feedback may be an appropriate method for interacting with users in a browser-based environment.
Original languageEnglish
Title of host publicationHuman aspects of information security, privacy, and trust
Subtitle of host publicationfirst international conference, HAS 2013 held as part of HCI International 2013 Las Vegas, NV, USA, July 21-26, 2013: proceedings
EditorsLouis Marinos, Ioannis Askoxylakis
Place of PublicationBerlin
PublisherSpringer-Verlag
Pages176-185
Number of pages10
ISBN (Electronic)9783642393457
ISBN (Print)9783642393440
DOIs
Publication statusPublished - 2013
Event1st International Conference on Human Aspects of Information Security, Privacy and Trust - Las Vegas, United States
Duration: 20 Jul 201325 Jul 2013
Conference number: 1

Publication series

NameLecture Notes in Computer Science
PublisherSpringer-Verlag
Number8030
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference1st International Conference on Human Aspects of Information Security, Privacy and Trust
Abbreviated titleHAS 2013
CountryUnited States
CityLas Vegas
Period20/07/1325/07/13

Fingerprint

Feedback
Taxonomies
Monitoring

Cite this

Shepherd, L. A., Archibald, J., & Ferguson, R. I. (2013). Perception of risky security behaviour by users: survey of current approaches. In L. Marinos, & I. Askoxylakis (Eds.), Human aspects of information security, privacy, and trust: first international conference, HAS 2013 held as part of HCI International 2013 Las Vegas, NV, USA, July 21-26, 2013: proceedings (pp. 176-185). (Lecture Notes in Computer Science; No. 8030). Berlin: Springer-Verlag. https://doi.org/10.1007/978-3-642-39345-7_19
Shepherd, Lynsay A. ; Archibald, Jacqueline ; Ferguson, R. I. / Perception of risky security behaviour by users : survey of current approaches. Human aspects of information security, privacy, and trust: first international conference, HAS 2013 held as part of HCI International 2013 Las Vegas, NV, USA, July 21-26, 2013: proceedings. editor / Louis Marinos ; Ioannis Askoxylakis. Berlin : Springer-Verlag, 2013. pp. 176-185 (Lecture Notes in Computer Science; 8030).
@inproceedings{0ac662bf7d88406b8f01bb92436f04d6,
title = "Perception of risky security behaviour by users: survey of current approaches",
abstract = "What constitutes risky security behaviour is not necessarily obvious to users and as a consequence end-user devices could be vulnerable to compromise. This paper seeks to lay the groundwork for a project to provide instant warning via automatic recognition of risky behaviour. It examines three aspects of the problem, behaviour taxonomy, techniques for its monitoring and recognition and means of giving appropriate feedback. Consideration is given to a way of quantifying the perception of risk a user may have. An ongoing project is described in which the three aspects are being combined in an attempt to better educate users to the risks and consequences of poor security behaviour. The paper concludes that affective feedback may be an appropriate method for interacting with users in a browser-based environment.",
author = "Shepherd, {Lynsay A.} and Jacqueline Archibald and Ferguson, {R. I.}",
year = "2013",
doi = "10.1007/978-3-642-39345-7_19",
language = "English",
isbn = "9783642393440",
series = "Lecture Notes in Computer Science",
publisher = "Springer-Verlag",
number = "8030",
pages = "176--185",
editor = "Louis Marinos and Ioannis Askoxylakis",
booktitle = "Human aspects of information security, privacy, and trust",

}

Shepherd, LA, Archibald, J & Ferguson, RI 2013, Perception of risky security behaviour by users: survey of current approaches. in L Marinos & I Askoxylakis (eds), Human aspects of information security, privacy, and trust: first international conference, HAS 2013 held as part of HCI International 2013 Las Vegas, NV, USA, July 21-26, 2013: proceedings. Lecture Notes in Computer Science, no. 8030, Springer-Verlag, Berlin, pp. 176-185, 1st International Conference on Human Aspects of Information Security, Privacy and Trust, Las Vegas, United States, 20/07/13. https://doi.org/10.1007/978-3-642-39345-7_19

Perception of risky security behaviour by users : survey of current approaches. / Shepherd, Lynsay A.; Archibald, Jacqueline; Ferguson, R. I.

Human aspects of information security, privacy, and trust: first international conference, HAS 2013 held as part of HCI International 2013 Las Vegas, NV, USA, July 21-26, 2013: proceedings. ed. / Louis Marinos; Ioannis Askoxylakis. Berlin : Springer-Verlag, 2013. p. 176-185 (Lecture Notes in Computer Science; No. 8030).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

TY - GEN

T1 - Perception of risky security behaviour by users

T2 - survey of current approaches

AU - Shepherd, Lynsay A.

AU - Archibald, Jacqueline

AU - Ferguson, R. I.

PY - 2013

Y1 - 2013

N2 - What constitutes risky security behaviour is not necessarily obvious to users and as a consequence end-user devices could be vulnerable to compromise. This paper seeks to lay the groundwork for a project to provide instant warning via automatic recognition of risky behaviour. It examines three aspects of the problem, behaviour taxonomy, techniques for its monitoring and recognition and means of giving appropriate feedback. Consideration is given to a way of quantifying the perception of risk a user may have. An ongoing project is described in which the three aspects are being combined in an attempt to better educate users to the risks and consequences of poor security behaviour. The paper concludes that affective feedback may be an appropriate method for interacting with users in a browser-based environment.

AB - What constitutes risky security behaviour is not necessarily obvious to users and as a consequence end-user devices could be vulnerable to compromise. This paper seeks to lay the groundwork for a project to provide instant warning via automatic recognition of risky behaviour. It examines three aspects of the problem, behaviour taxonomy, techniques for its monitoring and recognition and means of giving appropriate feedback. Consideration is given to a way of quantifying the perception of risk a user may have. An ongoing project is described in which the three aspects are being combined in an attempt to better educate users to the risks and consequences of poor security behaviour. The paper concludes that affective feedback may be an appropriate method for interacting with users in a browser-based environment.

U2 - 10.1007/978-3-642-39345-7_19

DO - 10.1007/978-3-642-39345-7_19

M3 - Conference contribution

SN - 9783642393440

T3 - Lecture Notes in Computer Science

SP - 176

EP - 185

BT - Human aspects of information security, privacy, and trust

A2 - Marinos, Louis

A2 - Askoxylakis, Ioannis

PB - Springer-Verlag

CY - Berlin

ER -

Shepherd LA, Archibald J, Ferguson RI. Perception of risky security behaviour by users: survey of current approaches. In Marinos L, Askoxylakis I, editors, Human aspects of information security, privacy, and trust: first international conference, HAS 2013 held as part of HCI International 2013 Las Vegas, NV, USA, July 21-26, 2013: proceedings. Berlin: Springer-Verlag. 2013. p. 176-185. (Lecture Notes in Computer Science; 8030). https://doi.org/10.1007/978-3-642-39345-7_19