(2022) Replication: Stories as Informal Lessons about Security.
|
Text
soups2022-final31_Katharina%20Pfeffer.pdf Download (599kB) | Preview |
Abstract
Anecdotal stories about security threats told to non-experts by friends, peers, or the media have been shown to be im- portant in forming mental models and secure behaviors. In 2012, Rader et al. conducted a survey (n=301) of security stories with a student sample to determine factors that influence security perceptions and behavior. We replicated this survey with a more diverse sample (n=299), including different age groups and educational backgrounds. We were able to confirm many of the original findings, providing further evidence that certain characteristics of stories increase the likelihood of learning and retelling. Moreover, we contribute new insights into how people learn from stories, such as that younger and higher educated people are less likely to change their thinking or be emotionally influenced by stories. We (re)discovered all of the threat themes found by Rader et al., suggesting that these threats have not been eliminated in the last decade, and found new ones such as ransomware and data breaches. Our findings help to improve the design of security advise and education for non-experts.
| Item Type: | Conference or Workshop Item (A Paper) (Paper) |
|---|---|
| Divisions: | Katharina Krombholz (Human-Oriented Security, HOS) |
| Conference: | SOUPS Symposium On Usable Privacy and Security |
| Depositing User: | Matthias Fassl |
| Date Deposited: | 05 Aug 2022 13:40 |
| Last Modified: | 05 Aug 2022 13:40 |
| Primary Research Area: | NRA5: Empirical & Behavioral Security |
| URI: | https://publications.cispa.saarland/id/eprint/3741 |
Actions
Actions (login required)
 |
View Item |