Research Areas
Usable security, human-computer interaction (HCI), computer security, usable security for mobile devices and collaborative multi-touch surfaces, security visualizations, persuasive technology.
Current Topics
User authentication, improving mental models of security, captchas for mobile devices, visualizations of computer security, serious persuasive games to improve security behaviour of end-users, phishing and trust of web interfaces, collaborative security code reviews, safety in automotive user interfaces.
Methods
Prototype design, implementation, and evaluation; empirical user studies; data collection through instrumented prototypes, questionnaires, interviews, observation, eye-tracking; quantitative and qualitative data analysis for usability and security, statistical analysis, thematic analysis.
Sample projects
User authentication for children
We are investigating user authentication for children to better understand the problem and identify suitable solutions. Our initial survey of the literature revealed little research in this area. Thus far, we have conducted an interview study with parents and children to explore their understanding and use of passwords, we have conducted a user study exploring different types of graphical passwords with children, and we are developing a new parent-child authentication mechanism. This project was supported by a grant from the Canadian Internet Registration Authority (CIRA)’s Community Investment Program.
Improving mental models of computer security
We are investigating some of the broader issues related to usable security, namely users’ mental models of security and how these impact usability, the role of persuasion in security interfaces, and the use of serious games/simulations to aid users understand the consequences of security decisions.
We have several projects that fall under the general category of improving users’ mental models of computer security and influencing users towards more secure behaviour.
- Information visualization and interactive comics to teach security threats and protective actions: Our Secure Comics website highlights our work in this area, teaching about (1) password guessing attacks, (2) malware and antivirus, and (3) mobile privacy and geo-tagging. We show that our visualizations increase understanding, encourage more secure behaviour, and are preferred over traditional security education materials.
- Older adults’ understanding of online threats and defenses: The focus of of this project is comparing the mental models of internet security threats of older adults with those of younger adults. By identifying misconceptions, concerns, and gaps in knowledge along with the differences between the two groups, we hope to define better strategies for reaching each group and helping them form more meaningful mental models.
- Users’ understanding and preferences for digital footprints after death: As our online presence grows, questions arise about what happens to our digital footprint after we die and whether this matches what users really want. Our international survey explored user opinions on the subject.
- Auction Hero: Auction Hero is a serious computer game/simulation framework to learn about everyday users’ understanding of computer security, to provide a platform for testing new security designs, to improve users’ mental models of online security, and to encourage more secure behaviour.
- Mini-games to teach about security: We have created several mini-games in progress to teach about particular aspects of computer security and help users form a better mental model of specific threats and defenses.
- User understanding of firewall warnings: Security warnings are only effective if users can respond to them in a secure and effective manner. In this project, we looked at what influences user decisions. We evaluate whether either the context in which the user receives the warning or the content of the warning message affects users’ response to the warning message. This work was done in collaboration with Muhammad Mahmoud and Ashraf Matrawy in the School of Information Technology
Usable security and privacy for mobile devices
We have explored several aspects of security and privacy specifically for mobile devices. Projects include:
- Passwords for flexible displays: We developed a new authentication scheme for upcoming flexible displays where user passwords consist of bending the display in a particular series of gestures.
- Password Alternatives for Mobile Devices: We are currently developing and user testing alternative password schemes that are better suited for mobile devices while still maintaining a password strength closer to that of text passwords. We recently explored graphical password schemes and gesture-based schemes.
- Mobile Captchas: We are currently working on captchas for mobile devices, identifying issues with current implementations, developing alternatives, and developing heuristics for the evaluation of captchas schemes for mobile devices.
- Tor for mobile devices: We explored the usability of mobile tools for Tor and found significant usability issues that potentially compromise users’ privacy and lead to incomplete understanding of what the tools are doing.
Usable Authentication
We have been investigating alternative forms of authentication, such as graphical passwords, for several years. We have an ACM Computing Surveys paper available on the subject. We continue to design and test innovative authentication schemes, to find designs where usability and security converge.
We have developed a platform for testing different password systems, looked at password managers and systems to help users cope with different passwords for different accounts, and are working on password systems more suited to mobile devices.
Some of these projects are included below:
- Password Managers: We developed, Tapas, a dual-possession password manager that uses a smartphone and a desktop/laptop computer. It uses no master password and requires no server-side changes. This is work done in collaboration with members of the CCSL Lab. Previously, our empirical study of password managers resulted in new design guidelines and showed that if users have incorrect mental models of a security system, using that security system may be worse than managing security themselves. We found the most significant problems arose from users having inaccurate or incomplete mental models of the software.
- Multiple Versatile Passwords (MVP): We developed Multiple Versatile Passwords (MVP), a platform for ecologically valid authentication research. MVP allows for comparison of different knowledge-based authentication schemes under the same conditions and with real websites. The system is instrumented to capture the user’s interaction and allow for statistical analysis. Nearly two dozen authentication schemes (graphical and text) have been implemented and others are in-progress; each is configurable to different levels of security and usability through system parameters. The authentication systems are integrated into real websites so that users can be assigned real tasks where login is a secondary concern.
- Graphical passwords: We have designed, implemented, and evaluated several graphical password systems. Cued Click Points (CCP)is a cued-recall graphical password technique. Users click on one point per image for a sequence of images. The next image is based on the previous click-point. CCP also eliminates predictable patterns (such as a selecting points in a straight line) formed by the click-points of a password, making them more difficult for attackers to guess. Persuasive Cued Click-Points (PCCP), addresses the problem of hotspots — portions of the image where users are more likely to select click-points that facilitate more successful guessing attacks. PCCP features several new interaction design strategies, such as a feedback mechanism helpful to legitimate users but not attackers, and mechanisms that influence users to select more secure, yet memorable, passwords. PCCP uses persuasion to influence user choice, encouraging users to select more random, and hence more secure, click-points as part of their password. PCCP significantly reduces hotspots and predictable patterns in passwords while still maintaining usability. PCCP also features a new discretization algorithm, applicable to all click-based graphical password systems, to improve the accuracy of login verification.
- Memorability and Password Interference: Multiple password interference occurs when remembering a password for one system affects the user’s memory of a password for another system. As described in the cognitive psychology literature, memory interference is “the impaired ability to remember an item when it is similar to other items stored in memory” (Anderson & Neely, 1996). We have conducted empirical work comparing the recall of multiple text passwords with recall of multiple click-based graphical passwords. Results showed that text passwords are more susceptible to memory interference than cued-recall graphical passwords, and thus resulted in reduced security.
Captchas
We have collaborated with Fabian Monrose, Jan-Michael Frahm and their research group at UNC on motion captchas. We showed that current moving-object captchas are vulnerable to automated attacks and proposed alternative schemes.
Anti-Malware Field Trials
We worked with Jose Fernandez and his team at the Polytechnique de Montreal on a 4-month field trial of anti-malware software with 50 users to evaluating how well this type of software works “in the wild”. Anti-malware products are typically evaluated using structured, automated tests to allow for comparison with other products and for measuring improved efficiency against specific attacks, which may or may not reflect their practical effectiveness. Our field study revealed how users’ online behaviour and users’ technical proficiency affects the likelihood of infections in real life.