OTO: online trust oracle for user-centric trust establishment

  • Authors:
  • Tiffany Hyun-Jin Kim;Payas Gupta;Jun Han;Emmanuel Owusu;Jason Hong;Adrian Perrig;Debin Gao

  • Affiliations:
  • Carnegie Mellon University, Pittsburgh, PA, USA;Singapore Management University, Singapore, Singapore;Carnegie Mellon University, Pittsburgh, PA, USA;Carnegie Mellon University, Pittsburgh, PA, USA;Carnegie Mellon University, Pittsburgh, PA, USA;Carnegie Mellon University, Pittsburgh, PA, USA;Singapore Management University, Singapore, Singapore

  • Venue:
  • Proceedings of the 2012 ACM conference on Computer and communications security
  • Year:
  • 2012

Quantified Score

Hi-index 0.00

Visualization

Abstract

Malware continues to thrive on the Internet. Besides automated mechanisms for detecting malware, we provide users with trust evidence information to enable them to make informed trust decisions. To scope the problem, we study the challenge of assisting users with judging the trustworthiness of software downloaded from the Internet. Through expert elicitation, we deduce indicators for trust evidence, then analyze these indicators with respect to scalability and robustness. We design OTO, a system for communicating these trust evidence indicators to users, and we demonstrate through a user study the effectiveness of OTO, even with respect to IE's SmartScreen Filter (SSF). The results from the between-subjects experiment with 58 participants confirm that the OTO interface helps people make correct trust decisions compared to the SSF interface regardless of their security knowledge, education level, occupation, age, or gender.