Workshop on Security and Human Behaviour (SHB 2014)
June 9-10, Cambridge – Working papers
The workshop will be held in the
Computer Laboratory, University of
Cambridge. It is sponsored by Trustonic,
Bromium, Good, Google and Facebook.
This is the seventh SHB, and here is the programme.
Here are links to the liveblog, papers and audio recordings for the previous
workshops 2013. 2012, 2011, 2010, 2009 and 2008.
As we prepare for the workshop, I'll be adding to each attendee's name one or
two links to papers that they might like others to look at in advance. Email me
your contributions!
Ross.Anderson at cl.cam.ac.uk
Alessandro Acquisti, CMU:
Faces of Facebook: Privacy in the Age of Augmented Reality
Andrew Adams, Meiji: A
Non-Militarised Approach to Cyber-Security
Bonnie Anderson, BYU: Using
measures of risk perception to predict information security behaviour: insights
from electrencephalography (EEG); How users perceive and respond to security
messages
Ross Anderson, Cambridge: Reading this
May Harm Your Computer: The Psychology of Malware Warnings; book chapters on
psychology and
terror
Scott Atran,
John Jay College, CNRS and University of Michigan: Sacred values and cultural conflict; Black
and White and Red All Over – How the hyperkinetic media is breeding a new
generation of terrorists; Countering Violent
Extremism
Michelle
Baddeley: A
Behavioural Analysis of Online Privacy and Security; Herding,
social influence and economic decision-making: socio-psychological and
neuroscientific analyses
Laura Brandimarte: Misplaced Confidences: Privacy and the Control Paradox; Gone in 15 Seconds: The Limits of Privacy Transparency and Control
Jon Callas, Silent Circle
Jean Camp, Indiana: How Safe is Safe
Enough: The Online Version
Bhismadev
Chakrabarti, Reading: Autistic traits modulate mimicry of
social but not nonsocial rewards; The role of empathy in choosing
rewards from another's perspective
Nicolas Christin, CMU: It's
All About the Benjamins: An Empirical Study on Incentivizing Users to Ignore
Security Advice
Dave
Clark, MIT: A social
embedding of network security - Trust, constraint, power and control
Richard Clayton, Cambridge
Chris Cocking,
Brighton: Hillsborough’s lesson – don’t fear the crowd; Water
cannon; Effects of
social identity on responses to emergency mass evacuation
Serge Egelman, Berkeley:
The effect of
online privacy information on purchasing behaviour: an experimental study;
You've been
warned: An empirical study of the effectiveness of web browser phishing
warnings
Mark Frank, Buffalo;
Human Behaviour and
Deception Detection
Shannon French, Case Western Reserve: The Obligation of
Officers to Preserve the Humanity of Their Troops; Dehumanizing the Enemy: The Intersection of Neuroethics and Military Ethics
Frank Furedi, Kent; How authority
became a dirty word
Diego Gambetta, EUI: Natural
and Strategic Generosity as Signals of Trustworthiness; More hedgehog than fox; Trust
— Making and breaking cooperative relations
Jon
Geater, Trustonic; Usable Hardware Security for Android on ARM devices
Brian Glass,
UCL: Modelling Misrepresentation in Online Seller-Buyer Interactions
Jeff
Hancock, Cornell: Finding Deceptive Opinion Spam by Any
Stretch of the Imagination; Separating Fact
From Fiction: An Examination of Deceptive Self-Presentation in Online
Dating Profiles
Richard
Harper, Microsoft: glancephones, wayve
devices and the cloud
mouse; Trust, Computing, and Society
Cormac
Herley, Microsoft: Is Everything We Know
About Password Stealing Wrong?; Why do Nigerian
Scammers Say They are from Nigeria?
Nick Humphrey, Cambridge
Alice Hutchings, Cambridge
John Kaag,
UML: The Use of
Unmanned Aerial Vehicles in Contemporary Conflict: A Legal and Ethical
Analysis; The moral hazard of drones; Drones, Ethics and the Armchair Soldier
Sharon Leal, Portsmouth
John Lyle, Facebook
Samantha Mann, Portsmouth
David Modic, Cambridge:
We Will
Make You Like Our Research: The Development of a Susceptibility-to-Persuasion
Scale; Reading
this May Harm Your Computer: The Psychology of Malware Warnings
Tyler Moore, SMU: Fashion
crimes; Information
Security Economics - and Beyond
David Murakami Wood, Queens
Masashi
Nishihata, Toronto
Jussi Palomaki, Helsinki: Losing More by Losing It: Poker Experience, Sensitivity to Losses and Tilting Severity; Anticipatory electrodermal activity and decision making in a computer poker-game
Jeunese Payne,
Cambridge: Gendering
the Machine
Yuliy Pisetski, Facebook
Adrienne Porter Felt,
Google: How to Ask For Permission; Experimenting at
Scale with Google Chrome's SSL Warning
Ian Pratt, Bromium: Micro-virtualization
– Retrofitting robust isolation to commodity OSes for security and
privacy
Wojtek Przepiorka, Oxford: Natural and Strategic Generosity as Signals of Trustworthiness
Peter Robinson, Cambridge: Computing with emotions
Angela Sasse, UCL: Learning from "Shadow Security";
How users bypass access control
– and why; Federated
identity to access e-government services – are citizens ready for this
Stuart
Schechter, Microsoft: The User
IS the Enemy, and (S)he Keeps Reaching for that Bright Shiny Power Button!;
Your
Attention Please: Designing security-decision UIs to make genuine risks harder to ignore
Bruce Schneier, Harvard Law
School: The Battle for Power on the
Internet; You Have No
Control Over Security on the Feudal Internet; Our Security Models with Never
Work – No Matter What We Do
David Livingstone Smith,
Maine: Inspiration for
Evil; Dehumanization,
Essentialism, and Moral Psychology; Horor Sanguinis
Frank Stajano,
Cambridge: Understanding scam
victims: seven principles for systems security; It's the Anthropology, Stupid
Peter Swire, Georgia Tech: Liberty and Security in a Changing World
Aron
Szekely, Oxford
Harold Thimbleby, Swansea:
Improving
safety in medical devices and systems
Jodok Troy, Innsbruck: The Power of
the Zealots: Religion, Violence, and International Relations
Sophie
van der Zee, Cambridge: The effect of
cognitive load on nonverbal mimicry in interview settings; Automated measurement and
analysis of body motion
Aldert Vrij, Portsmouth: Outsmarting the liars: toward a cognitive
lie detection approach;
Pitfalls and Opportunities in Nonverbal and Verbal Lie
Detection; Deception
detection: Effects of conversational involvement and probing
Rick Wash, Michigan State: Betrayed By Updates; Stories as
Informal Lessons About Security
Jeff Yan, Newcastle:
Security and usability of
CAPTCHAs; The
memorability and security of passwords – some empirical results
Accommodation: as the workshop takes place in term, we unfortunately cannot
offer college rooms. However there are hotel rooms in
Cambridge to suit all pockets.
Registration: the workshop is invitational and numbers are limited. If you
want to be invited, please contact Ross Anderson, Bruce Schneier or Alessandro
Acquisti.