research-article

Does MoodyBoard make internet use more secure?: evaluating an ambient security visualization tool

Authors:

Alexander De Luca,

Bernhard Frauendienst,

Heinrich HussmannAuthors Info & Claims

CHI '11: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems

Pages 887 - 890

https://doi.org/10.1145/1978942.1979072

Published: 07 May 2011 Publication History

Get Access

Abstract

Internet users are targets for ever-advancing phishing- and other attacks. The risks are, for example, to disclose credit card information or passwords to unauthorized instances. One approach to help users with insecure situations is provided by MoodyBoard, which uses ambient information to highlight potential risks. In this paper, we present findings from an evaluation of this system. Two user studies were conducted in order to find out whether an ambient security tool can protect users during sensitive tasks. We designed a pilot study to find out whether users understand the warnings and a security study to see if it helps to protect users from phishing attacks. Results show that MoodyBoard users behaved significantly more secure.

References

[1]

Adams, A. and Sasse, M. A. Users are not the enemy. Commun. ACM 42, 12 (Dec. 1999).

Digital Library

Google Scholar

[2]

Amer, T.S., Maris, J.B. Signal words and signal icons in application control and information technology exception messages -" hazard matching and habituation effects. Tech. Rep. Work. Paper. Series 06-05, Northern Arizona University, Flagstaff, AZ, October 2006.

Google Scholar

[3]

De Luca, A., Frauendienst, B., Maurer, M., and Hausen, D. 2010. On the design of a "moody" keyboard. In Proc. DIS '10. Aarhus, Denmark, August 16 - 20, 2010.

Digital Library

Google Scholar

[4]

Dhamija, R., Tygar, J.D., Hearst, M. Why phishing works. In Proc. CHI '06. Montréal, Québec, Canada, 2006.

Digital Library

Google Scholar

[5]

Egelman, S., Cranor, L. F., and Hong, J. You've been warned: an empirical study of the effectiveness of web browser phishing warnings. In Proc. CHI '08, Florence, Italy, 2008.

Digital Library

Google Scholar

[6]

Kumaraguru, P., Sheng, S., Acquisti, A., Cranor, L. F., and Hong, J. Teaching Johnny not to fall for phish. ACM Trans. Internet Technol. 10, 2, Article 7, June 2010.

Digital Library

Google Scholar

[7]

Sunshine, J., Egelman, S., Almuhimedi, H., Atri, N., Cranor, L.F. Crying Wolf: An empirical study of SSL warning effectiveness. In Proc. USENIX '09.

Digital Library

Google Scholar

[8]

Ware, C. Information Visualization, Second Edition: Perception for Design. Morgan Kaufmann, 2004.

Digital Library

Google Scholar

[9]

Whitten A., Tygar J.D. Why Johnny can't encrypt: A usability evaluation of PGP 5.0. In Proc. USENIX '99.

Digital Library

Google Scholar

[10]

Wu M., Miller R.C., Garfinkel S.L. Do security toolbars actually prevent phishing attacks? In Proc. CHI '06. Montréal, Québec, Canada, 2006.

Digital Library

Google Scholar

Cited By

View all

Issa AMurray TErnst GBuchanan GStevenson D(2018)In search of perfect usersProceedings of the 30th Australian Conference on Computer-Human Interaction10.1145/3292147.3292231(572-576)Online publication date: 4-Dec-2018
https://dl.acm.org/doi/10.1145/3292147.3292231
Li LBerki EHelenius MOvaska S(2014)Towards a contingency approach with whitelist-and blacklist-based anti-phishing applicationsBehaviour & Information Technology10.1080/0144929X.2013.87522133:11(1136-1147)Online publication date: 1-Nov-2014
https://dl.acm.org/doi/10.1080/0144929X.2013.875221
Li LHelenius MBerki ELugmayr A(2012)A usability test of whitelist and blacklist-based anti-phishing applicationProceeding of the 16th International Academic MindTrek Conference10.1145/2393132.2393170(195-202)Online publication date: 3-Oct-2012
https://dl.acm.org/doi/10.1145/2393132.2393170

Index Terms

Does MoodyBoard make internet use more secure?: evaluating an ambient security visualization tool
1. Human-centered computing
  1. Human computer interaction (HCI)
2. Security and privacy

Index terms have been assigned to the content through auto-classification.

Recommendations

Internet of Things (IoT): From awareness to continued use
Abstract
This paper proposes a research model with five constructs, i.e., IoT awareness, users’ IoT privacy knowledge, users’ IoT security knowledge, users’ IoT Trust, and continued intention to use IoT to bring clarity to the growing yet ...
Highlights
- Clarifying how variables linked from IoT awareness to IoT continued use.
- IoT ...
Internet of Things security

The Internet of things (IoT) has recently become an important research topic because it integrates various sensors and objects to communicate directly with one another without human intervention. The requirements for the large-scale deployment of the IoT ...
A Secure Publish/Subscribe Protocol for Internet of Things
ARES '19: Proceedings of the 14th International Conference on Availability, Reliability and Security

The basic concept behind the emergence of Internet of Things (IoT) is to connect as many objects to the Internet as possible in an attempt to make our lives better in some way. However, connecting everyday objects like your car or house to the Internet ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

CHI '11: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems

May 2011

3530 pages

ISBN:9781450302289

DOI:10.1145/1978942

General Chair:
Desney Tan
Microsoft Research
,
Program Chairs:
Geraldine Fitzpatrick
Vienna University of Technology
,
Carl Gutwin
University of Saskatchewan
,
Bo Begole
PARC
,
Wendy A. Kellogg
IBM Research

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 07 May 2011

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

CHI '11

Sponsor:

SIGCHI

CHI '11: CHI Conference on Human Factors in Computing Systems

May 7 - 12, 2011

BC, Vancouver, Canada

Acceptance Rates

CHI '11 Paper Acceptance Rate 410 of 1,532 submissions, 27%;

Overall Acceptance Rate 6,199 of 26,314 submissions, 24%

Upcoming Conference

CHI '25

Sponsor:
sigchi

CHI Conference on Human Factors in Computing Systems

April 26 - May 1, 2025

Yokohama , Japan

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

3
Total Citations
View Citations
403
Total Downloads

Downloads (Last 12 months)9
Downloads (Last 6 weeks)2

Reflects downloads up to 16 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Issa AMurray TErnst GBuchanan GStevenson D(2018)In search of perfect usersProceedings of the 30th Australian Conference on Computer-Human Interaction10.1145/3292147.3292231(572-576)Online publication date: 4-Dec-2018
https://dl.acm.org/doi/10.1145/3292147.3292231
Li LBerki EHelenius MOvaska S(2014)Towards a contingency approach with whitelist-and blacklist-based anti-phishing applicationsBehaviour & Information Technology10.1080/0144929X.2013.87522133:11(1136-1147)Online publication date: 1-Nov-2014
https://dl.acm.org/doi/10.1080/0144929X.2013.875221
Li LHelenius MBerki ELugmayr A(2012)A usability test of whitelist and blacklist-based anti-phishing applicationProceeding of the 16th International Academic MindTrek Conference10.1145/2393132.2393170(195-202)Online publication date: 3-Oct-2012
https://dl.acm.org/doi/10.1145/2393132.2393170

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Cited By

Index Terms

Recommendations

Internet of Things (IoT): From awareness to continued use

Internet of Things security

A Secure Publish/Subscribe Protocol for Internet of Things