Science of Security

Principal Investigator(s): 
Serge Egelman

In this collaborative project, researchers at ICSI are utilizing Carnegie Mellon University's Security Behavior Observatory (SBO) infrastructure to conduct quantitative experiments about how end-users make security decisions. The results of these experiments are used to design new security mitigations and interventions, which are then iteratively evaluated in the laboratory and the field. This collaboration is designed to provide keen insights into how users make security decisions in situ. ICSI researchers are also using the SBO to conduct experiments on understanding users' reactions to security warnings in their home environments as well as how the effectiveness of various security mitigations are impacted by individual differences such as personality traits.

By observing users' behavior when given security warnings as well as surveying them regarding their intent, researchers can gain a much better understanding about why participants choose to obey or ignore particular warnings. This knowledge will help to design better warnings that directly cater to user behaviors (e.g., by dispelling popular misconceptions within the warning text).

Funding for ICSI's research on this project is provided by CMU through a grant from the NSA.