SlideShare una empresa de Scribd logo

Social Cybersecurity: Reshaping Security Through An Empirical Understanding of Human Social Behavior

S
Sauvik Das

I discuss some research that empirically illustrates the connection between social influences and security behaviors. I presented this talk at Enigma 2018.

Ciencias
1 de 46
Descargar para leer sin conexión
SOCIAL CYBERSECURITY Reshaping Security Through An Empirical Understanding of Human Social Behavior Sauvik Das Georgia Tech sauvik@gatech.edu @scyrusk
How can we design systems that encourage better cybersecurity behaviors?
What makes people… …use a PIN on their phone? …enable two-factor authentication? …keep their software updated? …behave “securely”?
“I started using [a PIN] because everyone around me had a [PIN] so I kind of felt a group pressure to also use a [PIN].
“One of my boys wanted to use my phone…so I gave them my passcode. And not that I have anything that I don’t care for them to see or anything, but after they did that then I changed it”
“my friends...have a lot of different accounts, the same as me. But they didn’t get into any trouble. So I think maybe it will not be dangerous [to reuse passwords].”
A lot of it is social. Security behavior, like any human behavior, is largely driven by social influence.
~50% of behaviors were socially driven HACKERS, TOM HACKERS EVERYWHERE
Absent knowledge of how security and social behaviors interact, we have little hope of doing better
Measuring Social Influence In Security Behaviors Improving Security Behaviors with Social Influence Social influence strongly affects security behaviors, and this effect is contingent upon the design of a security tool affects its potential for social spread. Making cybersecurity systems more social can encourage better security behaviors.
Social influences strongly affect cybersecurity behaviors, and we can encourage better behaviors by designing more social cybersecurity systems.
Measuring Social Influence In Security Behaviors Improving Security Behaviors with Social Influence
MEASURING SOCIAL INFLUENCE IN SECURITY BEHAVIORS Das, S., Kramer, A., Dabbish, L., and Hong, Jason I. The Role of Social Influence in Security Feature Adoption. Proc. CSCW’15.
Login Notifications Login Approvals Trusted Contacts Analyzed how the (non)-use of three optional security tools was affected by friends' use of those tools for 1.5 million Facebook user's social networks. Standard Social
DATA COLLECTED 750k 750kusers who newly adopted one of the aforementioned security tools. “use-nots” who had not adopted one of the aforementioned security tools.
Users Use-nots Social influence?
MATCHED PROPENSITY SAMPLING For each exposure level, compare adoption rate of those who are exposed versus those who are not. This is the effect of social influence. For a given security tool, empirically select exposure levels to friends who use that tool. e.g., 1%, 5%, 10%... Aral, S, Muchnik, L., and Sundarajan, A. Distinguishing influence-based contagion from homophily-driven diffusion in dynamic networks. PNAS 106 (51). 2009.
0 10 20 30 40 50 E1 E2 E3 E4 E5 DifferenceinAdoptionRate Exposure to friends who use given security tool
0 10 20 30 40 50 E1 E2 E3 E4 E5 DifferenceinAdoptionRate Exposure to friends who use given security tool No effect
0 10 20 30 40 50 E1 E2 E3 E4 E5 DifferenceinAdoptionRate Exposure to friends who use given security tool No effect Expected effect
0 10 20 30 40 50 E1 E2 E3 E4 E5 DifferenceinAdoptionRate Exposure to friends who use given security tool No effect Expected effect Trusted Contacts
-50 -40 -30 -20 -10 0 10 20 30 40 50 E1 E2 E3 E4 E5 DifferenceinAdoptionRate Exposure to friends who use given security tool No effect Expected effect Trusted Contacts Login Approvals
-50 -40 -30 -20 -10 0 10 20 30 40 50 E1 E2 E3 E4 E5 DifferenceinAdoptionRate Exposure to friends who use given security tool No effect Expected effect Trusted Contacts Login Approvals Login Notifications What’s going on here?
DISAFFILIATION e.g., teenagers who dislike facebook because parents now use it
Early adopters of some security tools can be perceived as “paranoid” or ”nutty”, and, in turn, stigmatize the use of those security tools.
-50 -40 -30 -20 -10 0 10 20 30 40 50 E1 E2 E3 E4 E5 All effects go up and to the right. More exposure is good! GOOD NEWS
-50 -40 -30 -20 -10 0 10 20 30 40 50 E1 E2 E3 E4 E5 The design of a security tool affects its potential for social spread. GOOD NEWS
Observability Cooperation Stewardship
Measuring Social Influence In Security Behaviors Social influence strongly affects security behaviors, and this effect is contingent upon the design of a security tool affects its potential for social spread. Improving Security Behaviors with Social Influence
IMPROVING SECURITY BEHAVIORS WITH SOCIAL INFLUENCE Das, S., Kramer, A., Dabbish, L., and Hong, Jason I. Increasing Security Sensitivity With Social Proof: A Large-Scale Experimental Confirmation. Proc. CCS’14.
Randomized experiment with 50,000 Facebook users.
8 conditions: 7 social + 1 non-social control 6250 randomly assigned participants per condition Experiment ran for 3 days
MEASURES CTR 7d 5mo adoptions adoptions(click through rate)
46,235 (93%) logged in and saw announcement 5,971 (13%) clicked on an announcement 1,873 (4%) adopted one of the promoted tools within 7 days 4,555 (10%) adopted one of the promoted tools within 5 months DESCRIPTIVE STATS
8 9 10 11 12 13 14 15 Raw # Some Over # Only # Over % Only % Raw % Control 7d adoptions 5m adoptions Click-through rate Raw # vs Control 1.36x improvement in CTR 1.10x improvement in adoptions
Measuring Social Influence In Security Behaviors Social influence strongly affects security behaviors, and this effect is contingent upon the design of a security tool affects its potential for social spread. Improving Security Behaviors with Social Influence Making cybersecurity systems more social can encourage better security behaviors.
How can we design systems that encourage better cybersecurity behaviors?
Observable Cooperative Stewarded There is a fruitful but largely untapped opportunity to improve cybersecurity behaviors by making social systems that are more:
How can we make it easier for people to observe and emulate good security behaviors? OBSERVABLE
How can we design additive security systems that make group security a sum instead of a min function? COOPERATIVE
How can we design systems that allow people to act on their concern for the security of their loved ones? STEWARDED
Social influences strongly affect cybersecurity behaviors, and we can encourage better behaviors by designing more social cybersecurity systems. SOCIAL CYBERSECURITY Reshaping Security Through An Empirical Understanding of Human Social Behavior Sauvik Das Georgia Tech sauvik@gatech.edu @scyrusk

Recomendados

How to cure yourself of antivirus side effects @ReveeliumBlog
How to cure yourself of antivirus side effects @ReveeliumBlogHow to cure yourself of antivirus side effects @ReveeliumBlog
How to cure yourself of antivirus side effects @ReveeliumBlog
ITrust - Cybersecurity as a Service
 
Predictive Risk
Predictive RiskPredictive Risk
Predictive Risk
lnbj50
 
Srikanth
SrikanthSrikanth
Srikanth
kondalarao7
 
Security Metrics Rehab: Breaking Free from Top ‘X’ Lists, Cultivating Organic...
Security Metrics Rehab: Breaking Free from Top ‘X’ Lists, Cultivating Organic...Security Metrics Rehab: Breaking Free from Top ‘X’ Lists, Cultivating Organic...
Security Metrics Rehab: Breaking Free from Top ‘X’ Lists, Cultivating Organic...
EC-Council
 
Wannacry or learn?
Wannacry or learn?Wannacry or learn?
Wannacry or learn?
dan hyde
 
Agentless Patch Management for the Data Center
Agentless Patch Management for the Data CenterAgentless Patch Management for the Data Center
Agentless Patch Management for the Data Center
Ivanti
 
Vulnerability Management Nirvana - Seattle Agora - 18Mar16
Vulnerability Management Nirvana - Seattle Agora - 18Mar16Vulnerability Management Nirvana - Seattle Agora - 18Mar16
Vulnerability Management Nirvana - Seattle Agora - 18Mar16
Kymberlee Price
 
12102 vipre business-protecting-against-the-new-wave-of-malware
12102 vipre business-protecting-against-the-new-wave-of-malware12102 vipre business-protecting-against-the-new-wave-of-malware
12102 vipre business-protecting-against-the-new-wave-of-malware
Digital Pymes
 

Recomendados

How to cure yourself of antivirus side effects @ReveeliumBlog
How to cure yourself of antivirus side effects @ReveeliumBlogHow to cure yourself of antivirus side effects @ReveeliumBlog
How to cure yourself of antivirus side effects @ReveeliumBlog
ITrust - Cybersecurity as a Service
 
Predictive Risk
Predictive RiskPredictive Risk
Predictive Risk
lnbj50
 
Srikanth
SrikanthSrikanth
Srikanth
kondalarao7
 
Security Metrics Rehab: Breaking Free from Top ‘X’ Lists, Cultivating Organic...
Security Metrics Rehab: Breaking Free from Top ‘X’ Lists, Cultivating Organic...Security Metrics Rehab: Breaking Free from Top ‘X’ Lists, Cultivating Organic...
Security Metrics Rehab: Breaking Free from Top ‘X’ Lists, Cultivating Organic...
EC-Council
 
Wannacry or learn?
Wannacry or learn?Wannacry or learn?
Wannacry or learn?
dan hyde
 
Agentless Patch Management for the Data Center
Agentless Patch Management for the Data CenterAgentless Patch Management for the Data Center
Agentless Patch Management for the Data Center
Ivanti
 
Vulnerability Management Nirvana - Seattle Agora - 18Mar16
Vulnerability Management Nirvana - Seattle Agora - 18Mar16Vulnerability Management Nirvana - Seattle Agora - 18Mar16
Vulnerability Management Nirvana - Seattle Agora - 18Mar16
Kymberlee Price
 
12102 vipre business-protecting-against-the-new-wave-of-malware
12102 vipre business-protecting-against-the-new-wave-of-malware12102 vipre business-protecting-against-the-new-wave-of-malware
12102 vipre business-protecting-against-the-new-wave-of-malware
Digital Pymes
 
The Role of Social Influence In Security Feature Adoption, at CSCW 2015
The Role of Social Influence In Security Feature Adoption, at CSCW 2015The Role of Social Influence In Security Feature Adoption, at CSCW 2015
The Role of Social Influence In Security Feature Adoption, at CSCW 2015
Jason Hong
 
Increasing Security Sensitivity With Social Proof: A Large-Scale Experimenta...
Increasing Security Sensitivity With Social Proof: A Large-Scale Experimenta...Increasing Security Sensitivity With Social Proof: A Large-Scale Experimenta...
Increasing Security Sensitivity With Social Proof: A Large-Scale Experimenta...
Jason Hong
 
CHI abstract camera ready
CHI abstract camera readyCHI abstract camera ready
CHI abstract camera ready
Mark Sinclair
 
Learning from the People: Responsibly Encouraging Adoption of Contact Tracing...
Learning from the People: Responsibly Encouraging Adoption of Contact Tracing...Learning from the People: Responsibly Encouraging Adoption of Contact Tracing...
Learning from the People: Responsibly Encouraging Adoption of Contact Tracing...
Elissa Redmiles
 
Detection and Minimization Influence of Rumor in Social Network
Detection and Minimization Influence of Rumor in Social NetworkDetection and Minimization Influence of Rumor in Social Network
Detection and Minimization Influence of Rumor in Social Network
IRJET Journal
 
Ponemon Institute Research Report
Ponemon Institute Research ReportPonemon Institute Research Report
Ponemon Institute Research Report
Peter Tutty
 
Insightful Research: The State of Mobile Application Insecurity
Insightful Research: The State of Mobile Application Insecurity Insightful Research: The State of Mobile Application Insecurity
Insightful Research: The State of Mobile Application Insecurity
Casey Lucas
 
NetSafety w/ Anne Collier
NetSafety w/ Anne CollierNetSafety w/ Anne Collier
NetSafety w/ Anne Collier
Bernajean Porter
 
Online Safety 3.0
Online Safety 3.0Online Safety 3.0
Online Safety 3.0
Anne Collier
 
NSBA2010
NSBA2010NSBA2010
NSBA2010
Anne Collier
 
Mitigating Influence of Disinformation Propagation Using Uncertainty-Based Op...
Mitigating Influence of Disinformation Propagation Using Uncertainty-Based Op...Mitigating Influence of Disinformation Propagation Using Uncertainty-Based Op...
Mitigating Influence of Disinformation Propagation Using Uncertainty-Based Op...
Shakas Technologies
 
Episode Four: Wayne Jackson of Sonatype
Episode Four: Wayne Jackson of SonatypeEpisode Four: Wayne Jackson of Sonatype
Episode Four: Wayne Jackson of Sonatype
Contrast Security
 
204
204204
204
vivatechijri
 
Poster_final
Poster_finalPoster_final
Poster_final
Rushil Goyal
 
final campaign
final campaignfinal campaign
final campaign
Jennifer Daniel
 
SkinnerJ_FinalPaper
SkinnerJ_FinalPaperSkinnerJ_FinalPaper
SkinnerJ_FinalPaper
Jake Skinner
 
Surveillance Systems And Studies That Should Be...
Surveillance Systems And Studies That Should Be...Surveillance Systems And Studies That Should Be...
Surveillance Systems And Studies That Should Be...
Ann Johnson
 
Pirc net poster
Pirc net posterPirc net poster
Pirc net poster
UC San Diego
 
How to Make People Click on a Dangerous Link Despite their Security Awareness
How to Make People Click on a Dangerous Link Despite their Security Awareness How to Make People Click on a Dangerous Link Despite their Security Awareness
How to Make People Click on a Dangerous Link Despite their Security Awareness
mark-smith
 
Rethinking Cyber-Security: 7 Key Strategies for the Challenges that Lie Ahead
Rethinking Cyber-Security: 7 Key Strategies for the Challenges that Lie AheadRethinking Cyber-Security: 7 Key Strategies for the Challenges that Lie Ahead
Rethinking Cyber-Security: 7 Key Strategies for the Challenges that Lie Ahead
OpenDNS
 
Privacy for the People | HCIC 2023
Privacy for the People | HCIC 2023Privacy for the People | HCIC 2023
Privacy for the People | HCIC 2023
Sauvik Das
 
Thumprint: Socially-Inclusive Local Group Authentication Through Shared Secre...
Thumprint: Socially-Inclusive Local Group Authentication Through Shared Secre...Thumprint: Socially-Inclusive Local Group Authentication Through Shared Secre...
Thumprint: Socially-Inclusive Local Group Authentication Through Shared Secre...
Sauvik Das
 

Más contenido relacionado

Similar a Social Cybersecurity: Reshaping Security Through An Empirical Understanding of Human Social Behavior

The Role of Social Influence In Security Feature Adoption, at CSCW 2015
The Role of Social Influence In Security Feature Adoption, at CSCW 2015The Role of Social Influence In Security Feature Adoption, at CSCW 2015
The Role of Social Influence In Security Feature Adoption, at CSCW 2015
Jason Hong
 
Increasing Security Sensitivity With Social Proof: A Large-Scale Experimenta...
Increasing Security Sensitivity With Social Proof: A Large-Scale Experimenta...Increasing Security Sensitivity With Social Proof: A Large-Scale Experimenta...
Increasing Security Sensitivity With Social Proof: A Large-Scale Experimenta...
Jason Hong
 
CHI abstract camera ready
CHI abstract camera readyCHI abstract camera ready
CHI abstract camera ready
Mark Sinclair
 
Learning from the People: Responsibly Encouraging Adoption of Contact Tracing...
Learning from the People: Responsibly Encouraging Adoption of Contact Tracing...Learning from the People: Responsibly Encouraging Adoption of Contact Tracing...
Learning from the People: Responsibly Encouraging Adoption of Contact Tracing...
Elissa Redmiles
 
Insightful Research: The State of Mobile Application Insecurity
Insightful Research: The State of Mobile Application Insecurity Insightful Research: The State of Mobile Application Insecurity
Insightful Research: The State of Mobile Application Insecurity
Casey Lucas
 
204
204204
204
vivatechijri
 
SkinnerJ_FinalPaper
SkinnerJ_FinalPaperSkinnerJ_FinalPaper
SkinnerJ_FinalPaper
Jake Skinner
 
Surveillance Systems And Studies That Should Be...
Surveillance Systems And Studies That Should Be...Surveillance Systems And Studies That Should Be...
Surveillance Systems And Studies That Should Be...
Ann Johnson
 
Rethinking Cyber-Security: 7 Key Strategies for the Challenges that Lie Ahead
Rethinking Cyber-Security: 7 Key Strategies for the Challenges that Lie AheadRethinking Cyber-Security: 7 Key Strategies for the Challenges that Lie Ahead
Rethinking Cyber-Security: 7 Key Strategies for the Challenges that Lie Ahead
OpenDNS
 

Similar a Social Cybersecurity: Reshaping Security Through An Empirical Understanding of Human Social Behavior (20)

The Role of Social Influence In Security Feature Adoption, at CSCW 2015
The Role of Social Influence In Security Feature Adoption, at CSCW 2015The Role of Social Influence In Security Feature Adoption, at CSCW 2015
The Role of Social Influence In Security Feature Adoption, at CSCW 2015
 
Increasing Security Sensitivity With Social Proof: A Large-Scale Experimenta...
Increasing Security Sensitivity With Social Proof: A Large-Scale Experimenta...Increasing Security Sensitivity With Social Proof: A Large-Scale Experimenta...
Increasing Security Sensitivity With Social Proof: A Large-Scale Experimenta...
 
CHI abstract camera ready
CHI abstract camera readyCHI abstract camera ready
CHI abstract camera ready
 
Learning from the People: Responsibly Encouraging Adoption of Contact Tracing...
Learning from the People: Responsibly Encouraging Adoption of Contact Tracing...Learning from the People: Responsibly Encouraging Adoption of Contact Tracing...
Learning from the People: Responsibly Encouraging Adoption of Contact Tracing...
 
Detection and Minimization Influence of Rumor in Social Network
Detection and Minimization Influence of Rumor in Social NetworkDetection and Minimization Influence of Rumor in Social Network
Detection and Minimization Influence of Rumor in Social Network
 
Ponemon Institute Research Report
Ponemon Institute Research ReportPonemon Institute Research Report
Ponemon Institute Research Report
 
Insightful Research: The State of Mobile Application Insecurity
Insightful Research: The State of Mobile Application Insecurity Insightful Research: The State of Mobile Application Insecurity
Insightful Research: The State of Mobile Application Insecurity
 
NetSafety w/ Anne Collier
NetSafety w/ Anne CollierNetSafety w/ Anne Collier
NetSafety w/ Anne Collier
 
Online Safety 3.0
Online Safety 3.0Online Safety 3.0
Online Safety 3.0
 
NSBA2010
NSBA2010NSBA2010
NSBA2010
 
Mitigating Influence of Disinformation Propagation Using Uncertainty-Based Op...
Mitigating Influence of Disinformation Propagation Using Uncertainty-Based Op...Mitigating Influence of Disinformation Propagation Using Uncertainty-Based Op...
Mitigating Influence of Disinformation Propagation Using Uncertainty-Based Op...
 
Episode Four: Wayne Jackson of Sonatype
Episode Four: Wayne Jackson of SonatypeEpisode Four: Wayne Jackson of Sonatype
Episode Four: Wayne Jackson of Sonatype
 
204
204204
204
 
Poster_final
Poster_finalPoster_final
Poster_final
 
final campaign
final campaignfinal campaign
final campaign
 
SkinnerJ_FinalPaper
SkinnerJ_FinalPaperSkinnerJ_FinalPaper
SkinnerJ_FinalPaper
 
Surveillance Systems And Studies That Should Be...
Surveillance Systems And Studies That Should Be...Surveillance Systems And Studies That Should Be...
Surveillance Systems And Studies That Should Be...
 
Pirc net poster
Pirc net posterPirc net poster
Pirc net poster
 
How to Make People Click on a Dangerous Link Despite their Security Awareness
How to Make People Click on a Dangerous Link Despite their Security Awareness How to Make People Click on a Dangerous Link Despite their Security Awareness
How to Make People Click on a Dangerous Link Despite their Security Awareness
 
Rethinking Cyber-Security: 7 Key Strategies for the Challenges that Lie Ahead
Rethinking Cyber-Security: 7 Key Strategies for the Challenges that Lie AheadRethinking Cyber-Security: 7 Key Strategies for the Challenges that Lie Ahead
Rethinking Cyber-Security: 7 Key Strategies for the Challenges that Lie Ahead
 

Más de Sauvik Das

Epistenet: Facilitating Programmatic Access & Processing of Semantically Rela...
Epistenet: Facilitating Programmatic Access & Processing of Semantically Rela...Epistenet: Facilitating Programmatic Access & Processing of Semantically Rela...
Epistenet: Facilitating Programmatic Access & Processing of Semantically Rela...
Sauvik Das
 

Más de Sauvik Das (8)

Privacy for the People | HCIC 2023
Privacy for the People | HCIC 2023Privacy for the People | HCIC 2023
Privacy for the People | HCIC 2023
 
Thumprint: Socially-Inclusive Local Group Authentication Through Shared Secre...
Thumprint: Socially-Inclusive Local Group Authentication Through Shared Secre...Thumprint: Socially-Inclusive Local Group Authentication Through Shared Secre...
Thumprint: Socially-Inclusive Local Group Authentication Through Shared Secre...
 
Epistenet: Facilitating Programmatic Access & Processing of Semantically Rela...
Epistenet: Facilitating Programmatic Access & Processing of Semantically Rela...Epistenet: Facilitating Programmatic Access & Processing of Semantically Rela...
Epistenet: Facilitating Programmatic Access & Processing of Semantically Rela...
 
A Market In Your Social Network: The Effect of Extrinsic Rewards on Friendsou...
A Market In Your Social Network: The Effect of Extrinsic Rewards on Friendsou...A Market In Your Social Network: The Effect of Extrinsic Rewards on Friendsou...
A Market In Your Social Network: The Effect of Extrinsic Rewards on Friendsou...
 
Testing Computer-Assisted Mnemonics and Feedback for Fast Memorization of Hig...
Testing Computer-Assisted Mnemonics and Feedback for Fast Memorization of Hig...Testing Computer-Assisted Mnemonics and Feedback for Fast Memorization of Hig...
Testing Computer-Assisted Mnemonics and Feedback for Fast Memorization of Hig...
 
Examining Game World Topology Personalization
Examining Game World Topology PersonalizationExamining Game World Topology Personalization
Examining Game World Topology Personalization
 
Revival Actions in a Shooter Game
Revival Actions in a Shooter GameRevival Actions in a Shooter Game
Revival Actions in a Shooter Game
 
Self-Censorship on Facebook
Self-Censorship on FacebookSelf-Censorship on Facebook
Self-Censorship on Facebook
 

Último

Kochi ❤CALL GIRL 84099*07087 ❤CALL GIRLS IN Kochi ESCORT SERVICE❤CALL GIRL
Kochi ❤CALL GIRL 84099*07087 ❤CALL GIRLS IN Kochi ESCORT SERVICE❤CALL GIRLKochi ❤CALL GIRL 84099*07087 ❤CALL GIRLS IN Kochi ESCORT SERVICE❤CALL GIRL
Kochi ❤CALL GIRL 84099*07087 ❤CALL GIRLS IN Kochi ESCORT SERVICE❤CALL GIRL
kantirani197
 
dkNET Webinar "Texera: A Scalable Cloud Computing Platform for Sharing Data a...
dkNET Webinar "Texera: A Scalable Cloud Computing Platform for Sharing Data a...dkNET Webinar "Texera: A Scalable Cloud Computing Platform for Sharing Data a...
dkNET Webinar "Texera: A Scalable Cloud Computing Platform for Sharing Data a...
dkNET
 
Module for Grade 9 for Asynchronous/Distance learning
Module for Grade 9 for Asynchronous/Distance learningModule for Grade 9 for Asynchronous/Distance learning
Module for Grade 9 for Asynchronous/Distance learning
levieagacer
 
Biogenic Sulfur Gases as Biosignatures on Temperate Sub-Neptune Waterworlds
Biogenic Sulfur Gases as Biosignatures on Temperate Sub-Neptune WaterworldsBiogenic Sulfur Gases as Biosignatures on Temperate Sub-Neptune Waterworlds
Biogenic Sulfur Gases as Biosignatures on Temperate Sub-Neptune Waterworlds
Sérgio Sacani
 
SCIENCE-4-QUARTER4-WEEK-4-PPT-1 (1).pptx
SCIENCE-4-QUARTER4-WEEK-4-PPT-1 (1).pptxSCIENCE-4-QUARTER4-WEEK-4-PPT-1 (1).pptx
SCIENCE-4-QUARTER4-WEEK-4-PPT-1 (1).pptx
RizalinePalanog2
 
Vip profile Call Girls In Lonavala 9748763073 For Genuine Sex Service At Just...
Vip profile Call Girls In Lonavala 9748763073 For Genuine Sex Service At Just...Vip profile Call Girls In Lonavala 9748763073 For Genuine Sex Service At Just...
Vip profile Call Girls In Lonavala 9748763073 For Genuine Sex Service At Just...
Monika Rani
 
Formation of low mass protostars and their circumstellar disks
Formation of low mass protostars and their circumstellar disksFormation of low mass protostars and their circumstellar disks
Formation of low mass protostars and their circumstellar disks
Sérgio Sacani
 
Asymmetry in the atmosphere of the ultra-hot Jupiter WASP-76 b
Asymmetry in the atmosphere of the ultra-hot Jupiter WASP-76 bAsymmetry in the atmosphere of the ultra-hot Jupiter WASP-76 b
Asymmetry in the atmosphere of the ultra-hot Jupiter WASP-76 b
Sérgio Sacani
 
Introduction,importance and scope of horticulture.pptx
Introduction,importance and scope of horticulture.pptxIntroduction,importance and scope of horticulture.pptx
Introduction,importance and scope of horticulture.pptx
Bhagirath Gogikar
 

Último (20)

Locating and isolating a gene, FISH, GISH, Chromosome walking and jumping, te...
Locating and isolating a gene, FISH, GISH, Chromosome walking and jumping, te...Locating and isolating a gene, FISH, GISH, Chromosome walking and jumping, te...
Locating and isolating a gene, FISH, GISH, Chromosome walking and jumping, te...
 
GBSN - Biochemistry (Unit 1)
GBSN - Biochemistry (Unit 1)GBSN - Biochemistry (Unit 1)
GBSN - Biochemistry (Unit 1)
 
PSYCHOSOCIAL NEEDS. in nursing II sem pptx
PSYCHOSOCIAL NEEDS. in nursing II sem pptxPSYCHOSOCIAL NEEDS. in nursing II sem pptx
PSYCHOSOCIAL NEEDS. in nursing II sem pptx
 
Kochi ❤CALL GIRL 84099*07087 ❤CALL GIRLS IN Kochi ESCORT SERVICE❤CALL GIRL
Kochi ❤CALL GIRL 84099*07087 ❤CALL GIRLS IN Kochi ESCORT SERVICE❤CALL GIRLKochi ❤CALL GIRL 84099*07087 ❤CALL GIRLS IN Kochi ESCORT SERVICE❤CALL GIRL
Kochi ❤CALL GIRL 84099*07087 ❤CALL GIRLS IN Kochi ESCORT SERVICE❤CALL GIRL
 
dkNET Webinar "Texera: A Scalable Cloud Computing Platform for Sharing Data a...
dkNET Webinar "Texera: A Scalable Cloud Computing Platform for Sharing Data a...dkNET Webinar "Texera: A Scalable Cloud Computing Platform for Sharing Data a...
dkNET Webinar "Texera: A Scalable Cloud Computing Platform for Sharing Data a...
 
Module for Grade 9 for Asynchronous/Distance learning
Module for Grade 9 for Asynchronous/Distance learningModule for Grade 9 for Asynchronous/Distance learning
Module for Grade 9 for Asynchronous/Distance learning
 
Justdial Call Girls In Indirapuram, Ghaziabad, 8800357707 Escorts Service
Justdial Call Girls In Indirapuram, Ghaziabad, 8800357707 Escorts ServiceJustdial Call Girls In Indirapuram, Ghaziabad, 8800357707 Escorts Service
Justdial Call Girls In Indirapuram, Ghaziabad, 8800357707 Escorts Service
 
Biogenic Sulfur Gases as Biosignatures on Temperate Sub-Neptune Waterworlds
Biogenic Sulfur Gases as Biosignatures on Temperate Sub-Neptune WaterworldsBiogenic Sulfur Gases as Biosignatures on Temperate Sub-Neptune Waterworlds
Biogenic Sulfur Gases as Biosignatures on Temperate Sub-Neptune Waterworlds
 
FAIRSpectra - Enabling the FAIRification of Spectroscopy and Spectrometry
FAIRSpectra - Enabling the FAIRification of Spectroscopy and SpectrometryFAIRSpectra - Enabling the FAIRification of Spectroscopy and Spectrometry
FAIRSpectra - Enabling the FAIRification of Spectroscopy and Spectrometry
 
COST ESTIMATION FOR A RESEARCH PROJECT.pptx
COST ESTIMATION FOR A RESEARCH PROJECT.pptxCOST ESTIMATION FOR A RESEARCH PROJECT.pptx
COST ESTIMATION FOR A RESEARCH PROJECT.pptx
 
CELL -Structural and Functional unit of life.pdf
CELL -Structural and Functional unit of life.pdfCELL -Structural and Functional unit of life.pdf
CELL -Structural and Functional unit of life.pdf
 
SCIENCE-4-QUARTER4-WEEK-4-PPT-1 (1).pptx
SCIENCE-4-QUARTER4-WEEK-4-PPT-1 (1).pptxSCIENCE-4-QUARTER4-WEEK-4-PPT-1 (1).pptx
SCIENCE-4-QUARTER4-WEEK-4-PPT-1 (1).pptx
 
IDENTIFICATION OF THE LIVING- forensic medicine
IDENTIFICATION OF THE LIVING- forensic medicineIDENTIFICATION OF THE LIVING- forensic medicine
IDENTIFICATION OF THE LIVING- forensic medicine
 
Vip profile Call Girls In Lonavala 9748763073 For Genuine Sex Service At Just...
Vip profile Call Girls In Lonavala 9748763073 For Genuine Sex Service At Just...Vip profile Call Girls In Lonavala 9748763073 For Genuine Sex Service At Just...
Vip profile Call Girls In Lonavala 9748763073 For Genuine Sex Service At Just...
 
Zoology 5th semester notes( Sumit_yadav).pdf
Zoology 5th semester notes( Sumit_yadav).pdfZoology 5th semester notes( Sumit_yadav).pdf
Zoology 5th semester notes( Sumit_yadav).pdf
 
Site Acceptance Test .
Site Acceptance Test .Site Acceptance Test .
Site Acceptance Test .
 
Formation of low mass protostars and their circumstellar disks
Formation of low mass protostars and their circumstellar disksFormation of low mass protostars and their circumstellar disks
Formation of low mass protostars and their circumstellar disks
 
GBSN - Microbiology (Unit 2)
GBSN - Microbiology (Unit 2)GBSN - Microbiology (Unit 2)
GBSN - Microbiology (Unit 2)
 
Asymmetry in the atmosphere of the ultra-hot Jupiter WASP-76 b
Asymmetry in the atmosphere of the ultra-hot Jupiter WASP-76 bAsymmetry in the atmosphere of the ultra-hot Jupiter WASP-76 b
Asymmetry in the atmosphere of the ultra-hot Jupiter WASP-76 b
 
Introduction,importance and scope of horticulture.pptx
Introduction,importance and scope of horticulture.pptxIntroduction,importance and scope of horticulture.pptx
Introduction,importance and scope of horticulture.pptx
 

Social Cybersecurity: Reshaping Security Through An Empirical Understanding of Human Social Behavior

  • 1. SOCIAL CYBERSECURITY Reshaping Security Through An Empirical Understanding of Human Social Behavior Sauvik Das Georgia Tech sauvik@gatech.edu @scyrusk
  • 2. How can we design systems that encourage better cybersecurity behaviors?
  • 3.
  • 4. What makes people… …use a PIN on their phone? …enable two-factor authentication? …keep their software updated? …behave “securely”?
  • 5. “I started using [a PIN] because everyone around me had a [PIN] so I kind of felt a group pressure to also use a [PIN].
  • 6. “One of my boys wanted to use my phone…so I gave them my passcode. And not that I have anything that I don’t care for them to see or anything, but after they did that then I changed it”
  • 7. “my friends...have a lot of different accounts, the same as me. But they didn’t get into any trouble. So I think maybe it will not be dangerous [to reuse passwords].”
  • 8. A lot of it is social. Security behavior, like any human behavior, is largely driven by social influence.
  • 9. ~50% of behaviors were socially driven HACKERS, TOM HACKERS EVERYWHERE
  • 10. Absent knowledge of how security and social behaviors interact, we have little hope of doing better
  • 11. Measuring Social Influence In Security Behaviors Improving Security Behaviors with Social Influence Social influence strongly affects security behaviors, and this effect is contingent upon the design of a security tool affects its potential for social spread. Making cybersecurity systems more social can encourage better security behaviors.
  • 12. Social influences strongly affect cybersecurity behaviors, and we can encourage better behaviors by designing more social cybersecurity systems.
  • 13. Measuring Social Influence In Security Behaviors Improving Security Behaviors with Social Influence
  • 14. MEASURING SOCIAL INFLUENCE IN SECURITY BEHAVIORS Das, S., Kramer, A., Dabbish, L., and Hong, Jason I. The Role of Social Influence in Security Feature Adoption. Proc. CSCW’15.
  • 15. Login Notifications Login Approvals Trusted Contacts Analyzed how the (non)-use of three optional security tools was affected by friends' use of those tools for 1.5 million Facebook user's social networks. Standard Social
  • 16. DATA COLLECTED 750k 750kusers who newly adopted one of the aforementioned security tools. “use-nots” who had not adopted one of the aforementioned security tools.
  • 18. MATCHED PROPENSITY SAMPLING For each exposure level, compare adoption rate of those who are exposed versus those who are not. This is the effect of social influence. For a given security tool, empirically select exposure levels to friends who use that tool. e.g., 1%, 5%, 10%... Aral, S, Muchnik, L., and Sundarajan, A. Distinguishing influence-based contagion from homophily-driven diffusion in dynamic networks. PNAS 106 (51). 2009.
  • 19. 0 10 20 30 40 50 E1 E2 E3 E4 E5 DifferenceinAdoptionRate Exposure to friends who use given security tool
  • 20. 0 10 20 30 40 50 E1 E2 E3 E4 E5 DifferenceinAdoptionRate Exposure to friends who use given security tool No effect
  • 21. 0 10 20 30 40 50 E1 E2 E3 E4 E5 DifferenceinAdoptionRate Exposure to friends who use given security tool No effect Expected effect
  • 22. 0 10 20 30 40 50 E1 E2 E3 E4 E5 DifferenceinAdoptionRate Exposure to friends who use given security tool No effect Expected effect Trusted Contacts
  • 23. -50 -40 -30 -20 -10 0 10 20 30 40 50 E1 E2 E3 E4 E5 DifferenceinAdoptionRate Exposure to friends who use given security tool No effect Expected effect Trusted Contacts Login Approvals
  • 24. -50 -40 -30 -20 -10 0 10 20 30 40 50 E1 E2 E3 E4 E5 DifferenceinAdoptionRate Exposure to friends who use given security tool No effect Expected effect Trusted Contacts Login Approvals Login Notifications What’s going on here?
  • 25. DISAFFILIATION e.g., teenagers who dislike facebook because parents now use it
  • 26. Early adopters of some security tools can be perceived as “paranoid” or ”nutty”, and, in turn, stigmatize the use of those security tools.
  • 27. -50 -40 -30 -20 -10 0 10 20 30 40 50 E1 E2 E3 E4 E5 All effects go up and to the right. More exposure is good! GOOD NEWS
  • 28. -50 -40 -30 -20 -10 0 10 20 30 40 50 E1 E2 E3 E4 E5 The design of a security tool affects its potential for social spread. GOOD NEWS
  • 30. Measuring Social Influence In Security Behaviors Social influence strongly affects security behaviors, and this effect is contingent upon the design of a security tool affects its potential for social spread. Improving Security Behaviors with Social Influence
  • 31. IMPROVING SECURITY BEHAVIORS WITH SOCIAL INFLUENCE Das, S., Kramer, A., Dabbish, L., and Hong, Jason I. Increasing Security Sensitivity With Social Proof: A Large-Scale Experimental Confirmation. Proc. CCS’14.
  • 32. Randomized experiment with 50,000 Facebook users.
  • 33.
  • 34.
  • 35.
  • 36. 8 conditions: 7 social + 1 non-social control 6250 randomly assigned participants per condition Experiment ran for 3 days
  • 37. MEASURES CTR 7d 5mo adoptions adoptions(click through rate)
  • 38. 46,235 (93%) logged in and saw announcement 5,971 (13%) clicked on an announcement 1,873 (4%) adopted one of the promoted tools within 7 days 4,555 (10%) adopted one of the promoted tools within 5 months DESCRIPTIVE STATS
  • 39. 8 9 10 11 12 13 14 15 Raw # Some Over # Only # Over % Only % Raw % Control 7d adoptions 5m adoptions Click-through rate Raw # vs Control 1.36x improvement in CTR 1.10x improvement in adoptions
  • 40. Measuring Social Influence In Security Behaviors Social influence strongly affects security behaviors, and this effect is contingent upon the design of a security tool affects its potential for social spread. Improving Security Behaviors with Social Influence Making cybersecurity systems more social can encourage better security behaviors.
  • 41. How can we design systems that encourage better cybersecurity behaviors?
  • 42. Observable Cooperative Stewarded There is a fruitful but largely untapped opportunity to improve cybersecurity behaviors by making social systems that are more:
  • 43. How can we make it easier for people to observe and emulate good security behaviors? OBSERVABLE
  • 44. How can we design additive security systems that make group security a sum instead of a min function? COOPERATIVE
  • 45. How can we design systems that allow people to act on their concern for the security of their loved ones? STEWARDED
  • 46. Social influences strongly affect cybersecurity behaviors, and we can encourage better behaviors by designing more social cybersecurity systems. SOCIAL CYBERSECURITY Reshaping Security Through An Empirical Understanding of Human Social Behavior Sauvik Das Georgia Tech sauvik@gatech.edu @scyrusk