(2020) End User and Expert Perceptions of Threats and Potential Countermeasures.
|
Text
eusec20-Anell.pdf Download (540kB) | Preview |
Abstract
Experts often design security and privacy technology with specific use cases and threat models in mind. In practice however, end users are not aware of these threats and potential countermeasures. Furthermore, misconceptions about the benefits and limitations of security and privacy technology inhibit large-scale adoption by end users. In this paper, we address this challenge and contribute a qualitative study on end users’ and security experts’ perceptions of threat models and potential countermeasures. We follow an inductive research approach to explore perceptions and mental models of both security experts and end users. We conducted semi-structured interviews with 8 security experts and 13 end users. Our results suggest that in contrast to security experts, end users neglect acquaintances and friends as attackers in their threat models. Our findings highlight that experts value technical countermeasures whereas end users try to implement trust-based defensive methods.
| Item Type: | Conference or Workshop Item (A Paper) (Paper) |
|---|---|
| Divisions: | Katharina Krombholz (Human-Oriented Security, HOS) |
| Conference: | EuroUSEC The European Workshop on Usable Security |
| Depositing User: | Katharina Krombholz |
| Date Deposited: | 30 Nov 2020 10:30 |
| Last Modified: | 30 Nov 2020 11:41 |
| Primary Research Area: | NRA5: Empirical & Behavioral Security |
| URI: | https://publications.cispa.saarland/id/eprint/3299 |
Actions
Actions (login required)
 |
View Item |