Predicted and Observed User Behavior in the Weakest-link Security Game
نویسندگان
چکیده
We aim to advance the understanding of individual security decision-making, by combining formal and behavioral analysis. We sketch a game-theoretic model of security decision-making that generalizes the “weakest link” game, and describe a controlled laboratory experiment to reveal differences between predicted and observed user behavior. Results of a pilot study yield possible explanations for behaviors observed in the wild: users show some willingness to experiment with parameters, rarely converge to a fixed behavior, and face difficulties isolating the impact of individual parameters.
منابع مشابه
Security Applications of Mental Models
Any security system is only as strong as its weakest link. All too often, this weakest link is the user whose data needs protection. The perfect user would understand the inner workings of security mechanisms and why they are necessary. Unfortunately, the reality is that users have different levels of experience with, and understanding of, security. Further, the user’s goal is not security, but...
متن کاملHuman Factors of Security Systems: A Brief Review
The human factor is often described as the weakest part of a security system and users are often described as the weakest link in the security chain. In this paper, I review some of the literature on the human factors of security systems and suggest that, rather than blaming users, we should understand the roles and demands placed on them by security systems (Adams & Sasse, 1999). By taking a "...
متن کاملSecurity Investment (Failures) in Five Economic Environments: A Comparison of Homogeneous and Heterogeneous User Agents
Security interactions in networked systems, and the associated user choices, due to their complexity, are notoriously difficult to predict, and sometimes even harder to rationalize. We argue that users often underestimate the strong mutual dependence between their security strategies and the economic environment (e.g., threat model) in which these choices are made and evaluated. This misunderst...
متن کاملAssessment of different methods for fatigue life prediction of steel in rotating bending and axial loading
Generally, fatigue failure in an element happens at the notch on a surface where the stress level rises because of the stress concentration effect. The present paper investigates the effect of a notch on the fatigue life of the HSLA100 (high strength low alloy) steel which is widely applicable in the marine industry. Tensile test was conducted on specimens and mechanical properties were obtain...
متن کاملIntegrating self-efficacy into a gamified approach to thwart phishing attacks
Security exploits can include cyber threats such as computer programs that can disturb the normal behavior of computer systems (viruses), unsolicited e-mail (spam), malicious software (malware), monitoring software (spyware), attempting to make computer resources unavailable to their intended users (Distributed Denial-of-Service or DDoS attack), the social engineering, and online identity theft...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2008