HCI for Cybersecurity, Privacy and Trust : Third International Conference, HCI-CPT 2021, Held As Part of the 23rd HCI International Conference, HCII 2021, Virtual Event, July 24–29, 2021, Proceedings
معرفی کتاب «HCI for Cybersecurity, Privacy and Trust : Third International Conference, HCI-CPT 2021, Held As Part of the 23rd HCI International Conference, HCII 2021, Virtual Event, July 24–29, 2021, Proceedings» نوشتهٔ Abbas Moallem (editor)، منتشرشده توسط نشر Springer International Publishing Springer در سال 2021. این کتاب در فرمت pdf، زبان انگلیسی ارائه شده است.
This book constitutes the refereed proceedings of the Third International Conference on HCI for Cybersecurity, Privacy and Trust, HCI-CPT 2021, held as part of the 23rd International Conference, HCI International 2021, which took place virtually in July 2021. The total of 1276 papers and 241 posters included in the 39 HCII 2021 proceedings volumes was carefully reviewed and selected from 5222 submissions. HCI-CPT 2021 includes a total of 30 papers; they were organized in topical sections named: usable security; security and privacy by design; user behavior analysis in cybersecurity; and security and privacy awareness. Foreword HCI International 2021 Thematic Areas and Affiliated Conferences Contents Usable Security Authentication Management of Home IoT Devices 1 Introduction 2 Background 2.1 Security and Privacy Issues in Home IoT Devices 2.2 Usability of Home IoT Security 2.3 Authentication Challenges in Multi-user Smart Home Devices 3 Study 3.1 Survey Structure 3.2 Participants 4 Results 4.1 Security and Data Privacy Concern 4.2 Password Management of Home IoT Devices 4.3 Features for Home IoT Password Management 5 Discussion 5.1 Design Guidelines for an IoT Password Management Tool 5.2 Limitations and Future Work 6 Conclusion References Emics and Etics of Usable Security: Culturally-Specific or Culturally-Universal? 1 Introduction 2 Emics-Etics Framework for Usable Security: A Culture-Centric Framework to Address Usability Problems with Security Tools 3 When Security Emics Meets Etics: Culture-Specific Security Challenges 3.1 Software Piracy 3.2 Password Sharing 3.3 Mobile Phone Sharing 4 Discussion 4.1 Sharing as Cultural Norm and Necessity 4.2 Sharing in Business Strategy 4.3 Sharing in Technology Tools 5 Conclusion References Development of a Novice-Friendly Representation of Camouflaged Boolean Networks 1 Introduction 1.1 Past Research 1.2 Present Research 1.3 Hypotheses 2 Development Process 3 Study Method 3.1 Participants 3.2 Procedure 4 Results and Implications 5 Conclusions and Future Research References Testing Facial Recognition Software for Young Adults and Adolescents: An Integrative Review 1 Introduction 1.1 Pervasiveness 1.2 Lingering Questions 1.3 Answering Questions with User Testing 2 Methods 3 Results 3.1 Included Studies 3.2 Study Participants 3.3 Study Methods 3.4 Study Findings 3.5 Study Limitations 3.6 Study Quality 4 Conclusion References Eye Gaze and Interaction Differences of Holistic Versus Analytic Users in Image-Recognition Human Interaction Proof Schemes 1 Introduction 2 User Study 2.1 Research Questions 2.2 Study Instruments 2.3 Sampling and Procedure 3 Analysis of Results 3.1 Differences in Time to the Solve Image-Recognition HIP Challenge Between Holistic and Analytic Users 3.2 Differences in Time to Visually Explore the Image During Solving the Image-Recognition HIP Challenge Between Holistic and Analytic Users 3.3 Differences in Eye Gaze Behavior During Solving the Image-Recognition HIP Challenge Between Holistic and Analytic Users 4 Main Findings 5 Conclusions and Future Work References Risk Assessment of ``Ostrich ZIP'' 1 Introduction 2 Organizing the Ostrich ZIP Discussion 2.1 Literature Review 2.2 Web Survey 2.3 Advantages of Ostrich ZIP 2.4 Disadvantages of Ostrich ZIP 2.5 The Ostrich ZIP Threats 2.6 Background of Ostrich ZIP Usage 2.7 Alternative Methods for Ostrich ZIP 3 Survey on the Current Status of the Ostrich ZIP 3.1 Specification 3.2 Encrypted ZIP Support in Typical Environments 3.3 Automatic Ostrich ZIP 4 Model of Information Leakage Events in File Sharing During E-Mail Sending and Receiving 4.1 Events Related to Information Leakage via E-Mail 4.2 Situation of E-Mail Use and Incidents of Information Leakage 4.3 Event Model and Simplified Probability of Leakage Occurrence for Each Leakage Case 5 Leakage Risk Assessment Using Event Models 6 Discussion 6.1 Information Leakage Risk and Usability 6.2 Discontinuation of the Use of TPE and the Effect of AES Support in Various Environments 6.3 Control of Information 6.4 Reasons for Adopting Ostrich ZIP and Current Status 6.5 Overseas Trends 7 Conclusion References Identity Recognition Based on the Hierarchical Behavior Characteristics of Network Users 1 Introduction 2 Literature Review 2.1 Research on Identity Recognition Based on Network User Behavior 2.2 Classifiers Used in Existing Research 3 Methodology 3.1 Research on Hierarchical Behavior Characteristics of Network Users 3.2 Characteristics Fusion and Identity Recognition Methods 4 Experimental Analysis and Results 4.1 Experimental Analysis 4.2 Results 5 Limitations and Future Work 6 Conclusions References Security Analysis of Transaction Authorization Methods for Next Generation Electronic Payment Services 1 Introduction 2 Emerging Transaction Authorization Methods 3 Threats to Transaction Authorization 4 Risk Analysis 5 Countermeasures 6 Conclusions References Security and Privacy by Design Beyond Murphy’s Law: Applying Wider Human Factors Behavioural Science Approaches in Cyber-Security Resilience 1 Introduction 1.1 Case Study 2 Recognised HF Approaches 2.1 HF Adoption of Formal Cyber-Security Methods 2.2 HF Practitioner Experience 2.3 Culture 2.4 Safety Assurance Applied to Security 3 Methods 4 Discussion 4.1 Iterative Model Development and Validation 4.2 Integrating Cyber and HF Approaches 4.3 Qualitative and Quantitative Methods 5 Conclusion References A Human Factor Approach to Threat Modeling 1 Introduction 2 Background and Related Work 2.1 Human Factors 2.2 Human Factors and Cybersecurity 2.3 Threat Modeling 3 STRIDE-HF 3.1 Implementing STRIDE-HF into an Interactive Experience: Another Week at the Office 4 Discussion and Implications 4.1 Human Factors and Threat Modeling 4.2 STRIDE-HF as a User-Orientated Threat Modeling Approach 4.3 Future Work 5 Concluding Remarks References Smart Technologies and Internet of Things Designed for Aging in Place 1 Introduction 2 Aging in Place with IoT and Health-Related Smart Home Technologies 2.1 User Needs and Technology Requirements 2.2 IoT Standards: Technical Challenges 3 Models to Inform IoT and Smart Technology Adoption 3.1 Technology Acceptance Model (TAM) and Unified Theory of Acceptance and Use of Technology (UTAUT) 3.2 Human/Activity/Space/Technology Model (HAST) 4 Designing Smart Technology and IoT for Aging in Place 5 IoT, Privacy and Security, Acceptance and Adoption 5.1 Technology Acceptance Interviews 5.2 Privacy by Design, Usable Security for Home Healthcare Systems 6 Conclusion References Please Stop Listening While I Make a Private Call: Context-Aware In-Vehicle Mode of a Voice-Controlled Intelligent Personal Assistant with a Privacy Consideration 1 Introduction 2 Background and Related Work 3 IPA Task 3.1 IPA Functions Analysis in Vehicles 3.2 Personal Information of the IPAs 4 Method 4.1 WoZ-Prototype IPA 4.2 Participants and the Experiment Environment 4.3 Scenario 4.4 Participants and the Experiment Environment 5 Evaluation 5.1 Vehicle Contextual Function 5.2 Voice Interaction 5.3 Verbal Privacy 5.4 Carpooling 5.5 Car-Sharing 6 Discussion and Future Research References Enterprise Data Sharing Requirements: Rich Policy Languages and Intuitive User Interfaces 1 Introduction 2 Data Requester Specification 3 Shareability Theory Extension 4 Policy Review Matrix 5 Summary References Heuristic Evaluation of Vulnerability Risk Management Leaders’ Presentations of Cyber Threat and Cyber Risk 1 Introduction 2 Background 3 Method 3.1 Participants 3.2 Dataset 3.3 Procedure 4 Results 4.1 Relationship of Scores to Tool Outputs 4.2 Color Use 4.3 Number Scheme 4.4 Visual Chart 5 Analysis 6 Conclusions and Future Work References Human Individual Difference Predictors in Cyber-Security: Exploring an Alternative Scale Method and Data Resolution to Modelling Cyber Secure Behavior 1 Introduction 2 Background 2.1 Individual Differences in Cyber-Security 2.2 Measurement Techniques and Data Resolution 3 Method 3.1 Participants 3.2 Study Design, Materials and Procedure 4 Results 4.1 SeBIS Device Securement 4.2 SeBIS Proactive Awareness 4.3 SeBIS Updating 4.4 SeBIS Password Generation 5 Discussion 6 Limitations 7 Conclusions and Future Directions References Privacy Design Strategies and the GDPR: A Systematic Literature Review 1 Introduction 2 Methodology 2.1 Planning 2.2 Execution 3 Results Analysis 4 Discussion 5 Conclusions and Future Work References User Behavior Analysis in Cybersecurity ‘Just-in-Time’ Parenting: A Two-Month Examination of the Bi-directional Influences Between Parental Mediation and Adolescent Online Risk Exposure 1 Introduction 2 Background 2.1 Adolescent Online Safety and Risks 2.2 Parental Mediation Influence on Adolescent Online Risk Exposure 3 A Family Systems Approach 4 Methods 4.1 Diary Study Overview 4.2 Diary Study Measures 4.3 Data Analysis Approach 4.4 Participant Recruitment 5 Results 5.1 Descriptive Statistics 5.2 Exposure to Explicit Content 5.3 Risk Exposure to Sexual Solicitations 5.4 Exposure to Online Harassment 6 Discussion 6.1 Parent vs. Teen Perceptions of Mediation and Risk Exposure 6.2 Risk Exposure Affects Parental Mediation 6.3 ‘Just-in-Time’ Parenting 6.4 Limitations and Future Research 7 Conclusion References Understanding User Behavior, Information Exposure, and Privacy Risks in Managing Old Devices 1 Introduction 2 Related Work 2.1 Situated Privacy and Security 3 Methodology 4 Results 4.1 Managing Accessibility to Information 4.2 Privacy Protection Strategies 4.3 Information Loss and Exposure 5 Discussion 6 Conclusion References Perceptions of Security and Privacy in mHealth 1 Introduction 2 Background 2.1 Privacy, Security and Trust 2.2 mHealth – Drawbacks and Breakthroughs 2.3 mHealth – End-Users’ Perceptions 3 Methods 4 Results 5 Discussion 6 Conclusions References Understanding User's Behavior and Protection Strategy upon Losing, or Identifying Unauthorized Access to Online Account 1 Introduction 2 Related Work 3 Methodology 3.1 Procedure 3.2 Analysis 3.3 Participants 4 Results 4.1 Losing Access to Online Account 4.2 Unauthorized Access to Online Account 4.3 Prevention Strategy and Contingency Plan 5 Discussion 5.1 Prevention Strategies, Risks, and Concerns 5.2 Security (Mis)conceptions 5.3 Similarities and Differences Across Geographic Locations 6 Limitations and Conclusion References CyberPin - Challenges on Recognizing Youngest Cyber Talents 1 Introduction 1.1 The Concepts 1.2 The Estonian Experience 2 Methods 3 Results and Discussion 4 Critical Remarks 5 Future Steps 6 Conclusion References It's Not My Problem: How Healthcare Models Relate to SME Cybersecurity Awareness 1 Introduction 1.1 The SME Landscape 2 Background 2.1 Health Belief Model (HBM) 2.2 Normalisation Process Theory (NPT) 3 Method 3.1 Design 3.2 Participants 3.3 Data Collection 3.4 Analysis 4 Results 4.1 Cybersecurity Coverage (Anonymous Survey) 4.2 Ethnographic Observations 4.3 Exploring Model Constructs Specifically 5 Discussion 6 Limitations and Future Work 7 Conclusion References Understanding the Last Line of Defense: Human Response to Cybersecurity Events 1 Introduction 2 Method 3 Results: Framework of Human Response to Cyber Security Event 3.1 Susceptibility Phase 3.2 Detection Phase 3.3 Response Phase 4 Strategies for Improving Response 4.1 Mitigations for the Susceptibility Stage 4.2 Mitigations for the Detection Phase 4.3 Mitigations for the Response Phase 5 Conclusion References Security and Privacy Awareness The Effectiveness of Video Messaging Campaigns to Use 2FA 1 Introduction 2 Related Work 2.1 Security Communications 2.2 Usability and Security of 2FA 3 Methodology 3.1 Video Design 3.2 Hypotheses 3.3 Study Design 4 Evaluation 4.1 First Phase 4.2 Second Phase 5 Discussion 6 Limitations and Future Work 7 Conclusion A Video Transcripts References A Study on Online Businesses' Commitment to Consumer Privacy 1 Introduction 2 Related Work 3 Methods 3.1 Study Sample: Websites of 9 Categories 3.2 Sample Selection: 27 Websites 3.3 Assessment of Websites 3.4 Study Piloting 3.5 Inter-rater Reliability (IRR) 4 Results 4.1 Sample Statistics 4.2 Comparing of Well-Known vs. Lesser-Known Websites 4.3 Comparing Well-Known vs. Lesser-Known Websites on Visibility of Policies 4.4 Inter-rater Reliability 4.5 Surfers' Opinions and Comments 5 Discussion 6 Conclusion References Help the User Recognize a Phishing Scam: Design of Explanation Messages in Warning Interfaces for Phishing Attacks 1 Introduction 2 Background and Related Work 2.1 Human Factors in Cybersecurity 2.2 Design Warning Messages: The C-HIP Model 2.3 Evaluating Warning Messages Comprehension 3 Toward Explanations Inside Warning Interfaces for Phishing Attacks 3.1 A Polymorphic Warning Message to Prevent Phishing Attacks 3.2 Warning Text Design 4 Conclusion and Future Work References Social Engineering Attacks: Recent Advances and Challenges 1 Introduction 2 Literature Review 2.1 Human-Based Social Engineering Attacks 2.2 Computer-Based Social Engineering Attacks 2.3 Recent Advances 3 Potential Mitigation Strategies 3.1 Awareness Programs 3.2 Endpoint Security 3.3 Blockage of Phishing Attacks 3.4 Validate Information 4 Research Challenges 4.1 Attack Surfaces Using 5G Technology 4.2 Detection of Cyborgs 4.3 Edge Computing Security Risks 4.4 Blockchain and Cryptocurrency Cautions 5 Future Directions and Recommendations 6 Conclusion References Brand Validation: Security Indicator to Better Indicate Website Identity 1 Introduction 2 Background and Related Work 2.1 Phishing Attacks on Human Vulnerabilities 2.2 Security Indicators 2.3 Website Identity and X.509 Certificate 3 Study Design 4 Opinions and Behaviors for Browser Indicators 4.1 Recruiting 4.2 Preliminary Interview Method 4.3 Preliminary Interview Results 4.4 Additional Preliminary Interview Method 4.5 Additional Preliminary Interview Results 4.6 Summary of Opinions for Re-designing EV Indicators 5 Brand Validation: Proposed Website Identity Indicators 5.1 Our Indicator for Primary UI (URL Bar) 5.2 Our Indicator for Secondary UI (Detailed Dialogue) 6 Evaluation of Proposed Indicators 6.1 Evaluation Method and Recruiting 6.2 Evaluation Results 7 Discussion 7.1 Effectiveness Against Cross-Jurisdiction Collision Attack 7.2 Evaluation of Attention to BV Indicators 7.3 Research Ethics 8 Conclusion and Future Work References Study on the Impact of Learning About Information Security Measures on Mental Models: Applying Cybersecurity Frameworks to Self-learning Materials 1 Introduction 2 Methodology 2.1 Improved Learning Materials for the Experimental Group 2.2 Recruitment and Demographics 2.3 Study Design 2.4 Data Analysis 3 Results 3.1 Interview Analysis Based on Mental Model 3.2 Test Analysis 4 Discussion 5 Limitation 6 Related Studies 6.1 Education in Information Security 6.2 Mental Model in Usable Security 7 Conclusion Appendix References Gaming Apps’ and Social Media Partnership: A Privacy Perspective 1 Introduction 2 Literature Review 2.1 Privacy on Social Media 2.2 Privacy Concerns on Third-Party Apps 3 Method 4 Results 4.1 Basic Information on the Gaming Apps Selected for This Study 4.2 Access to Users Social Media Information 5 Discussion 6 Limitation 7 Conclusion References Correction to: Testing Facial Recognition Software for Young Adults and Adolescents: An Integrative Review Correction to: Chapter “Testing Facial Recognition Software for Young Adults and Adolescents: An Integrative Review” in: A. Moallem (Ed.): HCI for Cybersecurity, Privacy and Trust, LNCS 12788, https://doi.org/10.1007/978-3-030-77392-2_4 Author Index This book constitutes the proceedings of the Third International Conference on HCI for Cybersecurity, Privacy and Trust, HCI-CPT 2021, held as part of the 23rd International Conference, HCI International 2021, which took place virtually in July 2021. The total of 1276 papers and 241 posters included in the 39 HCII 2021 proceedings volumes was carefully reviewed and selected from 5222 submissions. HCI-CPT 2021 includes a total of 30 regular papers; they were organized in topical sections named: usable security; security and privacy by design; user behavior analysis in cybersecurity; and security and privacy awareness
دانلود کتاب HCI for Cybersecurity, Privacy and Trust : Third International Conference, HCI-CPT 2021, Held As Part of the 23rd HCI International Conference, HCII 2021, Virtual Event, July 24–29, 2021, Proceedings