"Should I Worry?" A Cross-Cultural Examination of Account Security Incident Response
2019 IEEE Symposium on Security and Privacy (SP)(2019)
摘要
Digital security technology is able to identify and prevent many threats to users accounts. However, some threats remain that, to provide reliable security, require human intervention: e.g., through users paying attention to warning messages or completing secondary authentication procedures. While prior work has broadly explored people's mental models of digital security threats, we know little about users' precise, in-the-moment response process to in-the-wild threats. In this work, we conduct a series of qualitative interviews (n=67) with users who had recently experienced suspicious login incidents on their real Facebook accounts in order to explore this process of account security incident response. We find a common process across participants from five countries - with differing online and offline cultures - allowing us to identify areas for future technical development to best support user security. We provide additional insights on the unique nature of incident-response information seeking, known attacker threat models, and lessons learned from a large, cross-cultural qualitative study of digital security.
更多查看译文
关键词
cross-cultural,comparative,account-security,usable-security,qualitative,interview,facebook,security,incident-response,security-incident,warning,notification,security-warning,mental-model,collectivism,censorship,internet-penetration,information-seeking,advice,advice-seeking,security-advice
AI 理解论文
溯源树
样例
生成溯源树,研究论文发展脉络