The success of malicious software (malware) depends upon both technical and human factors. The most security-conscious users are vulnerable to zero-day exploits; the best security mechanisms can be circumvented by poor user choices. While there has been significant research addressing the technical aspects of malware attack and defense, there has been much less research reporting on how human behavior interacts with both malware and current malware defenses. In this paper we describe a proof-of-concept field study designed to examine the interactions between users, anti-virus (anti-malware) software, and malware as they occur on deployed systems. The 4-month study, conducted in a fashion similar to the clinical trials used to evaluate medical interventions, involved 50 subjects whose laptops were instrumented to monitor possible infections and gather data on user behavior. Although the population size was limited, this initial study produced some intriguing, non-intuitive insights into the efficacy of current defenses, particularly with regard to the technical sophistication of end users. We assert that this work shows the feasibility and utility of testing security software through long-term field studies with greater ecological validity than can be achieved through other means.